Skip to content

fix(deps): bump brace-expansion from 1.1.14 to 5.0.6#406

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-5.0.6
Open

fix(deps): bump brace-expansion from 1.1.14 to 5.0.6#406
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-5.0.6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Bumps brace-expansion from 1.1.14 to 5.0.6.

Release notes

Sourced from brace-expansion's releases.

v4.0.1

  • fmt 5a5cc17
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 0b6a978

juliangruber/brace-expansion@v4.0.0...v4.0.1

v4.0.0

  • feat: use string replaces instead of splits (#64) 278132b
  • fmt dd72a59
  • add tea.yaml 70e4c1b

juliangruber/brace-expansion@v3.0.0...v4.0.0

As a precaution to not risk breaking anything with 278132b, this is a new semver major release

v3.0.1

  • pkg: publish on tag 3.x 3059c07
  • fmt 8229e6f
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 15f9b3c

juliangruber/brace-expansion@v3.0.0...v3.0.1

v3.0.0

  • Switch to ES Modules and balanced-match 3.0.0 (#62) c0360e8
  • added jsdoc (#55) 68c0e37
  • node 16 is EOL 9e781e9
  • add standard 3494c4d
  • use const and let (#57) dd5a4cb
  • docs 6dad209
  • remove test e3dd8ae
  • ci: update node versions d23ede9
  • docs: add @​lanodan to contributors 1eb3fa4
  • docs 1e7c9cd
  • switch from tape to test module (#60) 2520537
  • Bump minimist from 1.2.5 to 1.2.6 (#59) 61a94f1
  • Bump path-parse from 1.0.6 to 1.0.7 (#51) dc741cf
  • docs: add back ci badge 8ee5626
  • Add github actions, remove travis. Closes #52 (#53) 5c8756a
  • CI: Drop unused sudo: false Travis directive (#50) 05978a7

juliangruber/brace-expansion@v2.0.1...v3.0.0

v2.0.2

  • pkg: publish on tag 2.x 14f1d91
  • fmt ed7780a
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

... (truncated)

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot changed the title build(deps): bump brace-expansion from 5.0.5 to 5.0.6 build(deps): bump brace-expansion from 1.1.14 to 5.0.6 May 19, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/brace-expansion-5.0.6 branch from f50266c to f50383b Compare May 19, 2026 11:16
@dependabot
fix(deps): bump brace-expansion from 1.1.14 to 5.0.6
986b730 
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.14 to 5.0.6.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.14...v5.0.6)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 5.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump brace-expansion from 1.1.14 to 5.0.6 fix(deps): bump brace-expansion from 1.1.14 to 5.0.6 May 19, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/brace-expansion-5.0.6 branch from f50383b to 986b730 Compare May 19, 2026 11:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants