Skip to content

chore: Bump micromatch and lint-staged #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jperals merged 2 commits into from
Jun 3, 2025
Merged

chore: Bump micromatch and lint-staged #3

jperals merged 2 commits into from
Jun 3, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 10, 2025
edited
Loading

Bumps micromatch to 4.0.8 and updates ancestor dependency lint-staged. These dependencies need to be updated together.

Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

[4.0.7] - 2024-05-22

  • this is basically v4.0.5, with some README updates
  • it is vulnerable to CVE-2024-4067
  • Updated braces to v3.0.3 to avoid CVE-2024-4068
  • does NOT break API compatibility

[4.0.6] - 2024-05-21

  • Added hasBraces to check if a pattern contains braces.
  • Fixes CVE-2024-4067
  • BREAKS API COMPATIBILITY
  • Should be labeled as a major release, but it's not.
Commits

Updates lint-staged from 13.3.0 to 15.4.3

Release notes

Sourced from lint-staged's releases.

v15.4.3

Patch Changes

  • #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

v15.4.2

Patch Changes

  • #1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

v15.4.1

Patch Changes

v15.4.0

Minor Changes

  • #1500 a8ec1dd Thanks @​iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:

    /**
 * @filename: lint-staged.config.js
 * @type {import('lint-staged').Configuration}
 */
export default {
  '*': 'prettier --write',
}

    It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.

    export NODE_OPTIONS="--experimental-strip-types"
npx lint-staged --config lint-staged.config.ts

Patch Changes

v15.3.0

Minor Changes

  • #1495 e69da9e Thanks @​iiroj! - Added more info to the debug logs so that "environment" info doesn't need to be added separately to GitHub issues.

  • #1493 fa0fe98 Thanks @​iiroj! - Added more help messages around the automatic git stash that lint-staged creates as a backup (by default). The console output also displays the short git hash of the stash so that it's easier to recover lost files in case some fatal errors are encountered, or the process is killed before completing.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

15.4.3

Patch Changes

  • #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

15.4.2

Patch Changes

  • #1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

15.4.1

Patch Changes

15.4.0

Minor Changes

  • #1500 a8ec1dd Thanks @​iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:

    /**
 * @filename: lint-staged.config.js
 * @type {import('lint-staged').Configuration}
 */
export default {
  '*': 'prettier --write',
}

    It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.

    export NODE_OPTIONS="--experimental-strip-types"
npx lint-staged --config lint-staged.config.ts

Patch Changes

15.3.0

... (truncated)

Commits
  • e53f950 chore(changeset): release
  • 089da56 test: fail Jest when coverage is under 100%
  • 19aa461 ci: remove code coverage action since it's not working in PRs from forks
  • cbfed1d fix: update types.d.ts (#1512)
  • aef9e5c chore(changeset): release (#1510)
  • 8827ebf build(dependencies): update dependencies and switch to caret ranges (#1509)
  • 7f69b3f docs: generalize description from 'linting' to 'tasks' (#1507)
  • 1c93c9e chore(changeset): release (#1505)
  • c020664 Merge pull request #1504 from lint-staged/fix-typescript
  • 1c7a45e fix: default TypeScript config filenames match JS equivalents
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested a review from a team as a code owner March 10, 2025 13:14
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 10, 2025
@dependabot dependabot bot requested review from taheramr and removed request for a team March 10, 2025 13:14
@dependabot
chore(deps): Bump micromatch and lint-staged
d818a64 
Bumps [micromatch](https://github.com/micromatch/micromatch) to 4.0.8 and updates ancestor dependency [lint-staged](https://github.com/lint-staged/lint-staged). These dependencies need to be updated together.


Updates `micromatch` from 4.0.5 to 4.0.8
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.5...4.0.8)

Updates `lint-staged` from 13.3.0 to 15.4.3
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v13.3.0...v15.4.3)

---
updated-dependencies:
- dependency-name: micromatch
  dependency-type: indirect
- dependency-name: lint-staged
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-a6214625a6 branch from db977cf to d818a64 Compare April 7, 2025 09:39
@taheramr taheramr requested review from jperals and pan-kot as code owners May 21, 2025 09:39
@codecov
Copy link

codecov bot commented May 21, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.61%. Comparing base (ce3c037) to head (6f60f21).
Report is 13 commits behind head on main.

❌ Your project status has failed because the head coverage (87.61%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main       #3   +/-   ##
=======================================
  Coverage   87.61%   87.61%           
=======================================
  Files          13       13           
  Lines         210      210           
  Branches       38       38           
=======================================
  Hits          184      184           
  Misses         26       26

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@jperals jperals changed the title chore(deps): Bump micromatch and lint-staged chore: Bump micromatch and lint-staged Jun 3, 2025
@jperals jperals added this pull request to the merge queue Jun 3, 2025
Merged via the queue into main with commit 2a46e09 Jun 3, 2025
36 of 39 checks passed
@jperals jperals deleted the dependabot/npm_and_yarn/multi-a6214625a6 branch June 3, 2025 08:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jperals jperals jperals approved these changes

@taheramr taheramr Awaiting requested review from taheramr taheramr is a code owner automatically assigned from cloudscape-design/cloudscape-dev

@pan-kot pan-kot Awaiting requested review from pan-kot

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jperals @taheramr