chore(deps): bump brace-expansion from 5.0.4 to 5.0.5#777
Merged
chenrui333 merged 1 commit intomasterfrom Apr 12, 2026
Merged
Conversation
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 5.0.4 to 5.0.5. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v5.0.4...v5.0.5) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 5.0.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
kodiakhq bot
pushed a commit
to pdylanross/fatigue
that referenced
this pull request
Apr 13, 2026
Bumps softprops/action-gh-release from 2 to 3. Release notes Sourced from softprops/action-gh-release's releases. v3.0.0 3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2. What's Changed Other Changes 🔄 Move the action runtime and bundle target to Node 24 Update @types/node to the Node 24 line and allow future Dependabot updates Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release v2.6.2 What's Changed Other Changes 🔄 chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @dependabot[bot] in softprops/action-gh-release#775 chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @dependabot[bot] in softprops/action-gh-release#777 chore(deps): bump vite from 8.0.0 to 8.0.5 by @dependabot[bot] in softprops/action-gh-release#781 Full Changelog: softprops/action-gh-release@v2...v2.6.2 v2.6.1 2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](softprops/action-gh-release#764), where the draft-first publish flow stopped carrying the discussion category through the final publish step. If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible. What's Changed Bug fixes 🐛 fix: preserve discussion category on publish by @chenrui333 in softprops/action-gh-release#765 v2.6.0 2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published. If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible. What's Changed ... (truncated) Changelog Sourced from softprops/action-gh-release's changelog. 0.1.13 fix issue with multiple runs concatenating release bodies #145 Commits b430933 release: cut v3.0.0 for Node 24 upgrade (#670) c2e35e0 chore(deps): bump the npm group across 1 directory with 7 updates (#783) See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps brace-expansion from 5.0.4 to 5.0.5.
Commits
87939015.0.59a02af5Merge commit from forkdaa71bcBump tar from 7.5.10 to 7.5.11 (#92)799e5f7Bump tar from 7.5.9 to 7.5.10 (#90)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.