Skip to content

chore(deps): bump picomatch from 2.3.1 to 2.3.2 in /documentation#8123

Merged
DOsinga merged 2 commits intomainfrom
dependabot/npm_and_yarn/documentation/picomatch-2.3.2
Mar 26, 2026
Merged

chore(deps): bump picomatch from 2.3.1 to 2.3.2 in /documentation#8123
DOsinga merged 2 commits intomainfrom
dependabot/npm_and_yarn/documentation/picomatch-2.3.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 25, 2026

Bumps picomatch from 2.3.1 to 2.3.2.

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 25, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 26, 2026
edited
Loading

PR Preview Action v1.8.1
Preview removed because the pull request was closed.
2026-03-26 21:20 UTC

@DOsinga DOsinga merged commit f8c491e into main Mar 26, 2026
25 of 26 checks passed
@DOsinga DOsinga deleted the dependabot/npm_and_yarn/documentation/picomatch-2.3.2 branch March 26, 2026 21:20
michaelneale added a commit that referenced this pull request Mar 26, 2026
@michaelneale
Merge branch 'main' into goose/issue-7449
a8ec573 
* main: (337 commits)
  fix: replace panics with user-friendly errors in CLI session builder (#7901)
  fix: read GOOSE_CONTEXT_LIMIT from config.yaml, not just env vars (#7900)
  fix: deliver truncation notice as separate content block (#7899)
  fix: use platform-appropriate commands in developer extension instructions (#7898)
  fix: replace any with proper SVG types in icon components (#7873)
  chore: remove debug console.log statements, stale comments, and dead code (#8142)
  feat: Gemini OAuth provider (#8129)
  chore(deps): bump picomatch from 2.3.1 to 2.3.2 in /documentation (#8123)
  feat: show installed skills in UI (#7910)
  fix(deps): gate keyring platform features behind target-specific deps (#8039)
  chore(deps): bump yaml from 2.8.2 to 2.8.3 in /evals/open-model-gym/suite (#8124)
  fix: strip message wrapper in CLI session title generation (#7996)
  fix(providers): fall back to configured models when models endpoint fetch fails (#7530)
  chore(deps): bump brace-expansion from 5.0.3 to 5.0.5 in /evals/open-model-gym/suite (#8139)
  fix: prevent Ollama provider from hanging on tool-calling requests (#7723)
  fix: VMware Tanzu Platform provider - bug fixes, streaming, UI improvements (#8126)
  feat: allow GOOSE_CLI_SHOW_THINKING to be set in config.yaml (#8097)
  fix: GitHub Copilot auth fails to open browser in Desktop app (#6957) (#8019)
  fix(ci): produce .tar.gz archives for Zed ACP registry compatibility (#8054)
  feat: add GOOSE_SHOW_FULL_OUTPUT config to disable tool output truncation (#7919)
  ...

# Conflicts:
#	crates/goose/src/providers/formats/openai.rs
hydrosquall pushed a commit to hydrosquall/goose that referenced this pull request Mar 31, 2026
@dependabot @hydrosquall
chore(deps): bump picomatch from 2.3.1 to 2.3.2 in /documentation (bl…
80accf3 
…ock#8123)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Douwe Osinga <[email protected]>
Signed-off-by: Cameron Yick <[email protected]>
blackgirlbytes pushed a commit that referenced this pull request Apr 2, 2026
@michaelneale
Merge branch 'main' into goose/issue-7449
60ae4d2 
* main: (337 commits)
  fix: replace panics with user-friendly errors in CLI session builder (#7901)
  fix: read GOOSE_CONTEXT_LIMIT from config.yaml, not just env vars (#7900)
  fix: deliver truncation notice as separate content block (#7899)
  fix: use platform-appropriate commands in developer extension instructions (#7898)
  fix: replace any with proper SVG types in icon components (#7873)
  chore: remove debug console.log statements, stale comments, and dead code (#8142)
  feat: Gemini OAuth provider (#8129)
  chore(deps): bump picomatch from 2.3.1 to 2.3.2 in /documentation (#8123)
  feat: show installed skills in UI (#7910)
  fix(deps): gate keyring platform features behind target-specific deps (#8039)
  chore(deps): bump yaml from 2.8.2 to 2.8.3 in /evals/open-model-gym/suite (#8124)
  fix: strip message wrapper in CLI session title generation (#7996)
  fix(providers): fall back to configured models when models endpoint fetch fails (#7530)
  chore(deps): bump brace-expansion from 5.0.3 to 5.0.5 in /evals/open-model-gym/suite (#8139)
  fix: prevent Ollama provider from hanging on tool-calling requests (#7723)
  fix: VMware Tanzu Platform provider - bug fixes, streaming, UI improvements (#8126)
  feat: allow GOOSE_CLI_SHOW_THINKING to be set in config.yaml (#8097)
  fix: GitHub Copilot auth fails to open browser in Desktop app (#6957) (#8019)
  fix(ci): produce .tar.gz archives for Zed ACP registry compatibility (#8054)
  feat: add GOOSE_SHOW_FULL_OUTPUT config to disable tool output truncation (#7919)
  ...

# Conflicts:
#	crates/goose/src/providers/formats/openai.rs
@github-actions github-actions bot mentioned this pull request Apr 2, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@blackgirlbytes blackgirlbytes Awaiting requested review from blackgirlbytes blackgirlbytes is a code owner

@angiejones angiejones Awaiting requested review from angiejones angiejones is a code owner

@DOsinga DOsinga Awaiting requested review from DOsinga DOsinga is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DOsinga