chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package #1500

dependabot · 2024-06-14T07:39:21Z

Bumps braces from 3.0.2 to 3.0.3.

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Fix buildJars task (microsoft#1481) chore(deps): bump protobufjs from 7.2.4 to 7.2.6 in /npm-package (microsoft#1483) Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.2.4 to 7.2.6. - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.2.4...protobufjs-v7.2.6) --- updated-dependencies: - dependency-name: protobufjs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jinbo Wang <jinbwan@microsoft.com> chore(deps-dev): bump protobufjs from 7.2.4 to 7.2.6 in /extension (microsoft#1482) Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.2.4 to 7.2.6. - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.2.4...protobufjs-v7.2.6) --- updated-dependencies: - dependency-name: protobufjs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jinbo Wang <jinbwan@microsoft.com> chores: Add build server debug config (microsoft#1486) build: Update code sign task to v5 (microsoft#1488) refactor: Move Gradle Daemons implementation from Java into Typescript (microsoft#1489) Fix: Append the log message to build output if it's from compilation report. (microsoft#1490) - Store the id of the compilation task in an LRU cache. - Append the log message to the build output if it's from the compilation task. Signed-off-by: Sheng Chen <sheche@microsoft.com> fix: set GradleExecution jdk use java.import.gradle.java.home (microsoft#1491) Refresh the output folders after build tasks (microsoft#1493) Signed-off-by: Sheng Chen <sheche@microsoft.com> build: Update telemetry wrapper to 0.14.0 (microsoft#1495) chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /extension (microsoft#1496) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Extract api scan to a separate pipeline (microsoft#1498) build: Prepare for 3.14.0 (microsoft#1499) chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package (microsoft#1500) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> gradle server muti-thread fix- Fix the importer version and prepare for 3.14.1 (microsoft#1501) build - Update target platform (microsoft#1502) init named pipe impl muti-thread and named pipe for buildServer gradle server muti-thread fix- Fix the importer version and prepare for 3.14.1 (microsoft#1501) build - Update target platform (microsoft#1502) init named pipe test build Server named pipe connection test build Server named pipe connection update build/initialize sender finish forward message demo finish merge and named pipe implement polling solution Only send request after initialization (microsoft#1503) fix - Add java 22 to compatibility matrix (microsoft#1505) Introduce gson to simplify the object parsing (microsoft#1509) Signed-off-by: Sheng Chen <sheche@microsoft.com> fix bug: buildServerHandler

…rosoft#1500) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot requested a review from jdneo as a code owner June 14, 2024 07:39

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 14, 2024

dependabot bot requested a review from testforstephen as a code owner June 14, 2024 07:39

jdneo approved these changes Jun 14, 2024

View reviewed changes

jdneo merged commit 56426f1 into develop Jun 14, 2024
14 checks passed

jdneo deleted the dependabot/npm_and_yarn/npm-package/braces-3.0.3 branch June 14, 2024 07:52

jdneo modified the milestones: 3.14.0, 3.15.0 Jun 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package #1500

chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package #1500

dependabot bot commented on behalf of github Jun 14, 2024

chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package #1500

chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /npm-package #1500

Conversation

dependabot bot commented on behalf of github Jun 14, 2024