Skip to content

Bump minimatch and mocha#393

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-829fc934ed
Closed

Bump minimatch and mocha#393
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-829fc934ed

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 2, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps minimatch to 3.1.5 and updates ancestor dependency mocha. These dependencies need to be updated together.

Updates minimatch from 3.0.4 to 3.1.5

Commits

Updates mocha from 8.4.0 to 11.7.5

Release notes

Sourced from mocha's releases.

v11.7.5

11.7.5 (2025-11-04)

🩹 Fixes

  • swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

v11.7.4

11.7.4 (2025-10-01)

🩹 Fixes

📚 Documentation

  • migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

v11.7.3

11.7.3 (2025-09-30)

🩹 Fixes

  • use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

📚 Documentation

🤖 Automation

... (truncated)

Changelog

Sourced from mocha's changelog.

11.7.5 (2025-11-04)

🩹 Fixes

  • swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

11.7.4 (2025-10-01)

🩹 Fixes

📚 Documentation

  • migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

11.7.3 (2025-09-30)

🩹 Fixes

  • use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

📚 Documentation

🤖 Automation

  • deps: bump actions/setup-node in the github-actions group (#5459) (48c6f40)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Bump minimatch and mocha
b45a3ff 
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.1.5 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together.


Updates `minimatch` from 3.0.4 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.5)

Updates `mocha` from 8.4.0 to 11.7.5
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/v11.7.5/CHANGELOG.md)
- [Commits](mochajs/mocha@v8.4.0...v11.7.5)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
- dependency-name: mocha
  dependency-version: 11.7.5
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 2, 2026
@CLAassistant

CLAassistant commented Mar 2, 2026

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@hcldan

hcldan commented Jun 10, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 10, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/multi-829fc934ed branch June 10, 2026 13:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CLAassistant @hcldan