fix(deps): bump minimatch and npm by dependabot[bot] · Pull Request #231 · yandex-cloud/nodejs-sdk

dependabot · 2026-04-15T07:13:31Z

Bumps minimatch and npm. These dependencies needed to be updated together.
Updates minimatch from 3.1.2 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates npm from 9.6.5 to 9.9.4

Changelog

9.9.4 (2024-11-21)

Dependencies

080e201 #7930 hosted-git-info@6.1.3 (#7930)

401bb86 #7928 tar@6.2.1

cfb3b77 #7928 cross-spawn@7.0.6

6a5f8a8 #7928 debug@4.3.7

72df313 #7928 hosted-git-info@6.1.2

9.9.3 (2024-02-26)

Bug Fixes

88ea8c7 #7010 set objectMode for search filter stream (@lukekarrys)

8d9d735 #7010 unpublish: bubble up all errors parsing local package.json (#7049) (@wraithgar)

e0e75e5 #7010 unpublish bugfixes (#7039) (@wraithgar)

4d59ce1 #7047 reverse direction of SPDX SBOM dep rels (#7047) (@bdehamer, @antonbauhofer)

878f22b #7008 properly catch missing url opener error (@wraithgar)

91a8eca #7008 properly catch missing url opener error on interactive prompt (@wraithgar)

Dependencies

1968e0e #7010 spdx-license-ids@3.0.17

d130576 #7010 spdx-exceptions@2.5.0

00f28b8 #7010 signal-exit@4.1.0

57096c3 #7010 postcss-selector-parser@6.0.15

3ce677e #7010 minipass-fetch@3.0.4

89757ed #7010 is-core-module@2.13.1

bc1e841 #7010 socks@2.8.1

01f4049 #7010 ignore-walk@6.0.4

15f8982 #7010 function-bind@1.1.2

88ff949 #7010 cmd-shim@6.0.2

3e298f6 #7010 bin-links@4.0.3

35a6286 #7010 are-we-there-yet@4.0.2

aeb28c4 #7010 agentkeepalive@4.5.0

edc7e23 #7010 @npmcli/query@3.1.0

00a3a08 #7010 tar@6.2.0

7f424c3 #7010 ssri@10.0.5

79b8538 #7010 semver@7.6.0

b5faf10 #7010 npm-install-checks@6.3.0

2c62266 #7010 node-gyp@9.4.1

cc0516b #7010 minipass@7.0.4

651d362 #7010 json-parse-even-better-errors@3.0.1

4b239c6 #7010 glob@10.3.10

2f65b46 #7010 fs-minipass@3.0.3

6c73ddf #7010 diff@5.2.0

73ee6cc #7010 ci-info@4.0.0

64715a4 #7010 cacache@17.1.4

workspace: @npmcli/arborist@6.5.1

... (truncated)

Commits

64763a3 chore: release 9.9.4
080e201 deps: hosted-git-info@6.1.3 (#7930)
401bb86 deps: tar@6.2.1
cfb3b77 deps: cross-spawn@7.0.6
6a5f8a8 deps: debug@4.3.7
72df313 deps: hosted-git-info@6.1.2
4998adf chore: release 9.9.3
77fa150 chore(release): do not exclude docs directory from CLI release commits (#7162)
1d4c464 chore: @npmcli/template-oss@4.21.3
88ea8c7 fix: set objectMode for search filter stream
Additional commits viewable in compare view

Bumps [minimatch](https://github.com/isaacs/minimatch) and [npm](https://github.com/npm/cli). These dependencies needed to be updated together. Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `npm` from 9.6.5 to 9.9.4 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/v9.9.4/CHANGELOG.md) - [Commits](npm/cli@v9.6.5...v9.9.4) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect - dependency-name: npm dependency-version: 9.9.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 15, 2026

dependabot bot force-pushed the dependabot/npm_and_yarn/multi-e88019d9e1 branch from 296e71e to a4658d8 Compare April 16, 2026 12:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): bump minimatch and npm#231

fix(deps): bump minimatch and npm#231
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-e88019d9e1

dependabot bot commented on behalf of github Apr 15, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

9.9.4 (2024-11-21)

Dependencies

9.9.3 (2024-02-26)

Bug Fixes

Dependencies

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Apr 15, 2026 •

edited

Loading