Bump minimatch from 3.1.2 to 3.1.5#536
Conversation
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
There was a problem hiding this comment.
Copilot wasn't able to review any files in this pull request.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@copilot can you check why staging failed and maybe retry? |
The staging failure is not related to the code changes in this PR. The workflow fails because Dependabot PRs run with restricted secret access ( This is the same failure seen on all other Dependabot PRs (e.g., the |
@copilot how do I do this: "Alternatively, a maintainer can manually re-run the staging workflow to use the standard repository secrets." |
To manually re-run the staging workflow as a maintainer:
When a maintainer triggers the re-run, GitHub uses the standard repository secrets context instead of the Dependabot-restricted context, so the Azure login step will succeed. |
|
@copilot resolve the merge conflicts in this pull request |
Co-authored-by: btardif <4119816+btardif@users.noreply.github.com>
Merge conflicts resolved in commit |
Preview link: https://antares-blog-staging-pr-536.azurewebsites.net
|
Bumps minimatch from 3.1.2 to 3.1.5.
Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.