Commit f3a2cdd
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
deps: bump glob from 11.1.0 to 13.0.0 (#322)
Bumps [glob](https://github.com/isaacs/node-glob) from 11.1.0 to 13.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-glob/blob/main/changelog.md">glob's
changelog</a>.</em></p>
<blockquote>
<h1>changeglob</h1>
<h2>13</h2>
<ul>
<li>Move the CLI program out to a separate package,
<code>glob-bin</code>.
Install that if you'd like to continue using glob from the
command line.</li>
</ul>
<h2>12</h2>
<ul>
<li>Remove the unsafe <code>--shell</code> option. The
<code>--shell</code> option is now
ONLY supported on known shells where the behavior can be
implemented safely.</li>
</ul>
<h2>11.1</h2>
<p><a
href="https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2">GHSA-5j98-mcp5-4vw2</a></p>
<ul>
<li>Add the <code>--shell</code> option for the command line, with a
warning
that this is unsafe. (It will be removed in v12.)</li>
<li>Add the <code>--cmd-arg</code>/<code>-g</code> as a way to
<em>safely</em> add positional
arguments to the command provided to the CLI tool.</li>
<li>Detect commands with space or quote characters on known shells,
and pass positional arguments to them safely, avoiding
<code>shell:true</code> execution.</li>
</ul>
<h2>11.0</h2>
<ul>
<li>Drop support for node before v20</li>
</ul>
<h2>10.4</h2>
<ul>
<li>Add <code>includeChildMatches: false</code> option</li>
<li>Export the <code>Ignore</code> class</li>
</ul>
<h2>10.3</h2>
<ul>
<li>Add <code>--default -p</code> flag to provide a default pattern</li>
<li>exclude symbolic links to directories when <code>follow</code> and
<code>nodir</code>
are both set</li>
</ul>
<h2>10.2</h2>
<ul>
<li>Add glob cli</li>
</ul>
<h2>10.1</h2>
<ul>
<li>Return <code>'.'</code> instead of the empty string <code>''</code>
when the current
working directory is returned as a match.</li>
<li>Add <code>posix: true</code> option to return <code>/</code>
delimited paths, even on</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/isaacs/node-glob/commit/3bfb9604fabcd372fd13bbacef90339d10d1aa92"><code>3bfb960</code></a>
13.0.0</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/db31a63edaffa88b6361199267f155112f49f4fe"><code>db31a63</code></a>
Split the CLI out from the main project</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/54934586bc33b3f90fde6c13c1ca5b719801ee78"><code>5493458</code></a>
ci: remove node 20</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/3f7526c1f4843404a3548c5c5fc27aa2a329bca2"><code>3f7526c</code></a>
test: fix bin tests on windows (slashes)</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221"><code>2b03cca</code></a>
12.0.0</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458"><code>d56203d</code></a>
prettier config</li>
<li><a
href="https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59"><code>bb521e5</code></a>
Remove --shell option where unsafe to use</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-glob/compare/v11.1.0...v13.0.0">compare
view</a></li>
</ul>
</details>
<br />
<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>
| Dependency Name | Ignore Conditions |
| --- | --- |
| glob | [>= 11.a, < 12] |
</details>
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
**Note:** Dependabot was ignoring updates to this dependency, but since
you've updated it yourself we've started tracking it for you again. 🤖
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 6f96e0f commit f3a2cdd
1 file changed
+1
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
48 | 48 | | |
49 | 49 | | |
50 | 50 | | |
51 | | - | |
| 51 | + | |
52 | 52 | | |
53 | 53 | | |
54 | 54 | | |
| |||
0 commit comments