Skip to content

chore(deps): bump the minor-production-deps group with 6 updates#1417

Open
dependabot[bot] wants to merge 1 commit intonextfrom
dependabot/npm_and_yarn/minor-production-deps-979ae8edb6
Open

chore(deps): bump the minor-production-deps group with 6 updates#1417
dependabot[bot] wants to merge 1 commit intonextfrom
dependabot/npm_and_yarn/minor-production-deps-979ae8edb6

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps the minor-production-deps group with 6 updates:

Package From To
@oclif/core 4.8.0 4.8.2
@oclif/plugin-plugins 5.4.55 5.4.56
oas-normalize 15.7.0 15.7.1
ora 9.1.0 9.3.0
semver 7.7.3 7.7.4
simple-git 3.30.0 3.32.3

Updates @oclif/core from 4.8.0 to 4.8.2

Release notes

Sourced from @​oclif/core's releases.

4.8.2

Bug Fixes

  • deps: bump minimatch from 10.2.1 to 10.2.4 (d1d9831)

4.8.1

Bug Fixes

  • deps: bump minimatch from 9.0.5 to 10.2.1 (2815e37)
Changelog

Sourced from @​oclif/core's changelog.

4.8.2 (2026-02-28)

Bug Fixes

  • deps: bump minimatch from 10.2.1 to 10.2.4 (d1d9831)

4.8.1 (2026-02-22)

Bug Fixes

  • deps: bump minimatch from 9.0.5 to 10.2.1 (2815e37)
Commits
  • 718be37 chore(release): 4.8.2 [skip ci]
  • 7984897 Merge pull request #1547 from oclif/dependabot-npm_and_yarn-minimatch-10.2.4
  • d1d9831 fix(deps): bump minimatch from 10.2.1 to 10.2.4
  • 6bfe3a5 Merge pull request #1545 from oclif/ew/slack-webhook-secret
  • 073454b chore: pass slack webhook secret [skip ci]
  • 5072476 chore(release): 4.8.1 [skip ci]
  • ce25dae Merge pull request #1539 from oclif/dependabot-npm_and_yarn-minimatch-10.2.1
  • 2815e37 fix(deps): bump minimatch from 9.0.5 to 10.2.1
  • bcfc7d0 Merge pull request #1540 from oclif/dependabot-npm_and_yarn-eslint-9.39.3
  • d399e77 chore(dev-deps): bump eslint from 9.39.2 to 9.39.3
  • Additional commits viewable in compare view

Updates @oclif/plugin-plugins from 5.4.55 to 5.4.56

Release notes

Sourced from @​oclif/plugin-plugins's releases.

5.4.56

Bug Fixes

Changelog

Sourced from @​oclif/plugin-plugins's changelog.

5.4.56 (2026-02-07)

Bug Fixes

Commits
  • d1bf929 chore(release): 5.4.56 [skip ci]
  • 5173591 fix(deps): bump semver from 7.7.3 to 7.7.4 (#1280)
  • 4daf9d4 chore(dev-deps): bump eslint-config-oclif from 6.0.133 to 6.0.135 (#1276)
  • 582b69b chore(dev-deps): bump oclif from 4.22.68 to 4.22.70 (#1277)
  • 427d9c5 chore(dev-deps): bump eslint-config-oclif from 6.0.130 to 6.0.133 (#1271)
  • 1594f3d chore(dev-deps): bump @​oclif/plugin-help from 6.2.36 to 6.2.37 (#1272)
  • 0e76df0 chore(dev-deps): bump prettier from 3.8.0 to 3.8.1 (#1273)
  • a1b9cdc chore(dev-deps): bump oclif from 4.22.65 to 4.22.68 (#1274)
  • 8ec7dfe chore(dev-deps): bump @​oclif/test from 4.1.15 to 4.1.16 (#1275)
  • See full diff in compare view

Updates oas-normalize from 15.7.0 to 15.7.1

Commits

Updates ora from 9.1.0 to 9.3.0

Release notes

Sourced from ora's releases.

v9.3.0

  • Reduce flicker in rendering 2ab4f76

sindresorhus/ora@v9.2.0...v9.3.0

v9.2.0

  • Update stdin-discarder dependency (#251) 020eaba

sindresorhus/ora@v9.1.0...v9.2.0

Commits

Updates semver from 7.7.3 to 7.7.4

Release notes

Sourced from semver's releases.

v7.7.4

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Changelog

Sourced from semver's changelog.

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Commits
  • 5993c2e chore: release 7.7.4 (#839)
  • 120968b deps: @​npmcli/template-oss@​4.29.0 (#840)
  • a29faa5 fix(cli): pass options to semver.valid() for loose version validation (#835)
  • 1d28d5e docs: fix typos and update -n CLI option documentation (#836)
  • 5816d4c chore: bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#829)
  • ab9e28a chore: bump @​npmcli/template-oss from 4.27.1 to 4.28.0 (#827)
  • 44d7130 chore: bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#824)
  • 7073576 chore: reorder parameters in invalid-versions.js test (#820)
  • 16a35f5 chore: bump @​npmcli/template-oss from 4.26.0 to 4.27.1 (#823)
  • 3a3459d chore: bump @​npmcli/template-oss from 4.25.1 to 4.26.0 (#818)
  • See full diff in compare view

Updates simple-git from 3.30.0 to 3.32.3

Release notes

Sourced from simple-git's releases.

simple-git@3.32.3

Patch Changes

  • f704208: Enhanced protocol.allow checks in allowUnsafeExtProtocol handling.

    Thanks to @​CodeAnt-AI-Security for identifying the issue

simple-git@3.32.2

Patch Changes

  • 8d02097: Enhanced clone unsafe switch detection.

simple-git@3.32.1

Patch Changes

  • 23b070f: Fix regex for detecting unsafe clone options

    Thanks to @​stevenwdv for reporting this issue.

simple-git@3.32.0

Minor Changes

  • 1effd8e: Enhances the unsafe plugin to block additional cases where the -u switch may be disguised along with other single character options.

    Thanks to @​JuHwiSang for identifying this as vulnerability.

Patch Changes

  • d5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.

simple-git@3.31.1

Patch Changes

  • a44184f: Resolve NPM publish steps
Changelog

Sourced from simple-git's changelog.

3.32.3

Patch Changes

  • f704208: Enhanced protocol.allow checks in allowUnsafeExtProtocol handling.

    Thanks to @​CodeAnt-AI-Security for identifying the issue

3.32.2

Patch Changes

  • 8d02097: Enhanced clone unsafe switch detection.

3.32.1

Patch Changes

  • 23b070f: Fix regex for detecting unsafe clone options

    Thanks to @​stevenwdv for reporting this issue.

3.32.0

Minor Changes

  • 1effd8e: Enhances the unsafe plugin to block additional cases where the -u switch may be disguised along with other single character options.

    Thanks to @​JuHwiSang for identifying this as vulnerability.

Patch Changes

  • d5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.

3.31.1

Patch Changes

  • a44184f: Resolve NPM publish steps

3.31.0

Minor Changes

  • 22dc93f: Custom binary plugin should support the use of ~ character, used by Windows to shorten long folder names and folder names that have spaces in them (eg: C:\Program Files might become C:\PROGRA~1).

    Thanks to @​skyshineb for reporting this issue.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for simple-git since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the minor-production-deps group with 6 updates
82be208 
Bumps the minor-production-deps group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@oclif/core](https://github.com/oclif/core) | `4.8.0` | `4.8.2` |
| [@oclif/plugin-plugins](https://github.com/oclif/plugin-plugins) | `5.4.55` | `5.4.56` |
| [oas-normalize](https://github.com/readmeio/oas/tree/HEAD/packages/oas-normalize) | `15.7.0` | `15.7.1` |
| [ora](https://github.com/sindresorhus/ora) | `9.1.0` | `9.3.0` |
| [semver](https://github.com/npm/node-semver) | `7.7.3` | `7.7.4` |
| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.30.0` | `3.32.3` |


Updates `@oclif/core` from 4.8.0 to 4.8.2
- [Release notes](https://github.com/oclif/core/releases)
- [Changelog](https://github.com/oclif/core/blob/main/CHANGELOG.md)
- [Commits](oclif/core@4.8.0...4.8.2)

Updates `@oclif/plugin-plugins` from 5.4.55 to 5.4.56
- [Release notes](https://github.com/oclif/plugin-plugins/releases)
- [Changelog](https://github.com/oclif/plugin-plugins/blob/main/CHANGELOG.md)
- [Commits](oclif/plugin-plugins@5.4.55...5.4.56)

Updates `oas-normalize` from 15.7.0 to 15.7.1
- [Release notes](https://github.com/readmeio/oas/releases)
- [Commits](https://github.com/readmeio/oas/commits/oas-normalize@15.7.1/packages/oas-normalize)

Updates `ora` from 9.1.0 to 9.3.0
- [Release notes](https://github.com/sindresorhus/ora/releases)
- [Commits](sindresorhus/ora@v9.1.0...v9.3.0)

Updates `semver` from 7.7.3 to 7.7.4
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.7.3...v7.7.4)

Updates `simple-git` from 3.30.0 to 3.32.3
- [Release notes](https://github.com/steveukx/git-js/releases)
- [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md)
- [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.32.3/simple-git)

---
updated-dependencies:
- dependency-name: "@oclif/core"
  dependency-version: 4.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-production-deps
- dependency-name: "@oclif/plugin-plugins"
  dependency-version: 5.4.56
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-production-deps
- dependency-name: oas-normalize
  dependency-version: 15.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-production-deps
- dependency-name: ora
  dependency-version: 9.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-production-deps
- dependency-name: semver
  dependency-version: 7.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-production-deps
- dependency-name: simple-git
  dependency-version: 3.32.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-production-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants