Skip to content

Bump brace-expansion from 1.1.13 to 5.0.6#2863

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-5.0.6
Open

Bump brace-expansion from 1.1.13 to 5.0.6#2863
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-5.0.6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Bumps brace-expansion from 1.1.13 to 5.0.6.

Release notes

Sourced from brace-expansion's releases.

v4.0.1

  • fmt 5a5cc17
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 0b6a978

juliangruber/brace-expansion@v4.0.0...v4.0.1

v4.0.0

  • feat: use string replaces instead of splits (#64) 278132b
  • fmt dd72a59
  • add tea.yaml 70e4c1b

juliangruber/brace-expansion@v3.0.0...v4.0.0

As a precaution to not risk breaking anything with 278132b, this is a new semver major release

v3.0.1

  • pkg: publish on tag 3.x 3059c07
  • fmt 8229e6f
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 15f9b3c

juliangruber/brace-expansion@v3.0.0...v3.0.1

v3.0.0

  • Switch to ES Modules and balanced-match 3.0.0 (#62) c0360e8
  • added jsdoc (#55) 68c0e37
  • node 16 is EOL 9e781e9
  • add standard 3494c4d
  • use const and let (#57) dd5a4cb
  • docs 6dad209
  • remove test e3dd8ae
  • ci: update node versions d23ede9
  • docs: add @​lanodan to contributors 1eb3fa4
  • docs 1e7c9cd
  • switch from tape to test module (#60) 2520537
  • Bump minimist from 1.2.5 to 1.2.6 (#59) 61a94f1
  • Bump path-parse from 1.0.6 to 1.0.7 (#51) dc741cf
  • docs: add back ci badge 8ee5626
  • Add github actions, remove travis. Closes #52 (#53) 5c8756a
  • CI: Drop unused sudo: false Travis directive (#50) 05978a7

juliangruber/brace-expansion@v2.0.1...v3.0.0

v2.0.2

  • pkg: publish on tag 2.x 14f1d91
  • fmt ed7780a
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

... (truncated)

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

@dependabot dependabot Bot requested a review from remal as a code owner May 18, 2026 16:24
@dependabot dependabot Bot added dependencies javascript Pull requests that update Javascript code labels May 18, 2026
@dependabot dependabot Bot changed the title Bump brace-expansion from 2.0.1 to 5.0.6 Bump brace-expansion from 1.1.13 to 5.0.6 May 18, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/brace-expansion-5.0.6 branch from 16f00ac to 040ede2 Compare May 18, 2026 17:56
@dependabot
Bump brace-expansion from 1.1.13 to 5.0.6
dc98184 
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.13 to 5.0.6.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.13...v5.0.6)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 5.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/brace-expansion-5.0.6 branch from 040ede2 to dc98184 Compare May 18, 2026 23:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@remal remal Awaiting requested review from remal remal is a code owner

Assignees

No one assigned

Labels

dependencies javascript Pull requests that update Javascript code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants