Sourced from micromatch's\r\nreleases.
\r\n\r\n\r\n4.0.8
\r\nUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We\r\nconsider the issues low-priority, so even if you see automated scanners\r\nsaying otherwise, don't be scared.
\r\n4.0.4
\r\n\r\n
\r\n- fix: Update picomatch to fix regression #179\r\n(8becb55)
\r\n4.0.3
\r\n\r\n
\r\n- Enforce newer version of picomatch with bugfixes
\r\n
Sourced from micromatch's\r\nchangelog.
\r\n\r\n\r\n[4.0.8] - 2024-08-22
\r\n\r\n
\r\n- backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch
\r\n[4.0.7] - 2024-05-22
\r\n\r\n
\r\n- this is basically v4.0.5, with some README updates
\r\n- it is vulnerable to CVE-2024-4067
\r\n- Updated braces to v3.0.3 to avoid CVE-2024-4068
\r\n- does NOT break API compatibility
\r\n[4.0.6] - 2024-05-21
\r\n\r\n
\r\n- Added
\r\nhasBraces
to check if a pattern contains\r\nbraces.- Fixes CVE-2024-4067
\r\n- BREAKS API COMPATIBILITY
\r\n- Should be labeled as a major release, but it's not.
\r\n[4.0.1 - 4.0.5]
\r\n[4.0.0] - 2019-03-20
\r\nAdded
\r\n\r\n
\r\n- Adds support for
\r\noptions.onMatch
. See the readme for\r\ndetails- Adds support for
\r\noptions.onIgnore
. See the readme for\r\ndetails- Adds support for
\r\noptions.onResult
. See the readme for\r\ndetailsBreaking changes
\r\n\r\n
\r\n- Require Node.js >= 8.6
\r\n- Removed support for passing an array of brace patterns to\r\n
\r\nmicromatch.braces()
.- To strictly enforce closing brackets (for
\r\n{
,\r\n[
, and(
), you must now use\r\nstrictBrackets=true
instead of\r\nstrictErrors
.- \r\n
cache
- caching and all related options and methods\r\nhave been removed- \r\n
options.unixify
was renamed to\r\noptions.windows
- \r\n
options.nodupes
Was removed. Duplicates are always\r\nremoved by default. You can override this with custom behavior by using\r\ntheonMatch
,onResult
and\r\nonIgnore
functions.- \r\n
options.snapdragon
was removed, as snapdragon is no\r\nlonger used.- \r\n
options.sourcemap
was removed, as snapdragon is no\r\nlonger used, which provided sourcemap support.[3.0.0] - 2017-04-11
\r\nComplete overhaul, with 36,000+ new unit tests validated against\r\nactual output generated by Bash and minimatch. More specifically,\r\n35,000+ of the tests:
\r\n\r\n
\r\n- micromatch results are directly compared to bash results
\r\n- in rare cases, when micromatch and bash disagree, micromatch's\r\nresults are compared to minimatch's results
\r\n- micromatch is much more accurate than minimatch, so there were cases\r\nwhere I had to make assumptions. I'll try to document these.
\r\nThis refactor introduces a parser and compiler that are supersets of\r\nmore granular parsers and compilers from other sub-modules. Each of\r\nthese sub-modules has a singular responsibility and focuses on a certain\r\ntype of matching that aligns with a specific part of the Bash\r\n"expansion" API.
\r\nThese sub-modules work like plugins to seamlessly create the\r\nmicromatch parser/compiler, so that strings are parsed in one pass, an\r\nAST\r\nis created, then a new string is generated by the compiler.
\r\n\r\n
... (truncated)
\r\n8bd704e
\r\n4.0.8a0e6841
\r\nrun verb to generate README documentation4ec2884
\r\nMerge branch 'v4' into hauserkristof-feature/v4.0.803aa805
\r\nMerge pull request #266\r\nfrom hauserkristof/feature/v4.0.8814f5f7
\r\nlint67fcce6
\r\nfix: CHANGELOG about braces & CVE-2024-4068, v4.0.5113f2e3
\r\nfix: CVE numbers in CHANGELOGd9dbd9a
\r\nfeat: updated CHANGELOG2ab1315
\r\nfix: use actions/setup-node@v41406ea3
\r\nfeat: rework test to work on macos with node 10,12 and 14