Skip to content

Bump brace-expansion from 1.1.12 to 2.0.2#2084

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-2.0.2
Open

Bump brace-expansion from 1.1.12 to 2.0.2#2084
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/brace-expansion-2.0.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 15, 2026
edited
Loading

Bumps brace-expansion from 1.1.12 to 2.0.2.

Release notes

Sourced from brace-expansion's releases.

v2.0.2

  • pkg: publish on tag 2.x 14f1d91
  • fmt ed7780a
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 15, 2026
Copilot AI review requested due to automatic review settings May 15, 2026 13:46
@dependabot dependabot Bot added javascript Pull requests that update Javascript code dependencies Pull requests that update a dependency file labels May 15, 2026
@github-project-automation github-project-automation Bot moved this to Backlog (Not Ready) in DevX May 15, 2026
Copilot AI reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@dependabot dependabot Bot mentioned this pull request May 15, 2026
Closed
@dependabot
Bump brace-expansion from 1.1.12 to 2.0.2
1d8d767 
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.12 to 2.0.2.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@v1.1.12...v2.0.2)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 2.0.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/brace-expansion-2.0.2 branch from c4521b8 to 1d8d767 Compare May 15, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

DevX
Status: Backlog (Not Ready)

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant