Skip to content

Bump glob and markdownlint-cli#87

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-13714e1f08
Open

Bump glob and markdownlint-cli#87
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-13714e1f08

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 19, 2025
edited
Loading

Removes glob. It's no longer used after updating ancestor dependency markdownlint-cli. These dependencies need to be updated together.

Removes glob

Updates markdownlint-cli from 0.37.0 to 0.46.0

Release notes

Sourced from markdownlint-cli's releases.

v0.46.0

  • Replace glob dependency with tinyglobby (smaller and fewer dependencies)
  • Update markdownlint dependency to 0.39.0
    • Add MD060/table-column-style
    • Improve MD001/MD007/MD009/MD010/MD029/MD033/MD037/MD059
  • Update all dependencies via Dependabot

v0.45.0

  • Update markdownlint dependency to 0.38.0
    • Add MD059/descriptive-link-text
    • Improve MD025/MD027/MD036/MD038/MD041/MD043/MD045/MD051/MD052
    • Remove support for end-of-life Node version 18
  • Update all dependencies via Dependabot

v0.44.0

  • Update markdownlint dependency to 0.37.4
    • Convert module to ECMAScript (breaking change)
    • Stop using require, convert to import
    • Improve MD032
  • Update all dependencies via Dependabot

v0.43.0

  • Update markdownlint dependency to 0.36.1
    • Improve MD051
    • Make micromark parser available to custom rules
    • Improve performance
  • Update all dependencies via Dependabot

v0.42.0

  • Update markdownlint dependency to 0.35.0
    • Add MD058/blanks-around-tables
    • Use micromark in MD001/MD003/MD009/MD010/MD013/MD014/MD019/MD021/MD023/MD024/MD025/MD039/MD042/MD043
    • Improve MD018/MD020/MD031/MD034/MD044
    • markdown-it parser no longer invoked by default
    • Improve performance
  • Update all dependencies via Dependabot

0.41.0

  • Change TOML parser to smol-toml which supports v1.0.0 of the specification
  • Update all dependencies via Dependabot

0.40.0

  • Update markdownlint dependency to 0.34.0
    • Use micromark in MD027/MD028/MD036/MD040/MD041/MD046/MD048
    • Improve MD013/MD034/MD049/MD050/MD051
  • Add support for TOML configuration files via --config
  • Add --configPointer argument for nested configuration
  • Update --ignore for directories to ignore all files within
  • Update all dependencies via Dependabot

... (truncated)

Commits
  • c8fd500 Bump version 0.46.0
  • 5d85fc6 Delete and recreate package-lock.json via "npm install" to bump indirect js-y...
  • 1b2b54c Bump glob from 10.4.5 to 10.5.0
  • 845c5ff Bump smol-toml from 1.4.2 to 1.5.2
  • 00e4437 Bump js-yaml from 4.1.0 to 4.1.1
  • 76208f1 Bump minimatch from 10.0.3 to 10.1.1
  • 8e31aca Bump commander from 14.0.1 to 14.0.2
  • 15c3ed0 Bump actions/setup-node from 5 to 6
  • 9cc24e8 Update tests for previous commit upgrading markdownlint library.
  • 34c77a6 Bump markdownlint from 0.38.0 to 0.39.0
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the topic: infrastructure Related to project infrastructure label Nov 19, 2025
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-13714e1f08 branch from f0d25bf to 85738d3 Compare November 20, 2025 09:28
@per1234 per1234 added the type: imperfection Perceived defect in any part of project label Nov 20, 2025
@per1234
Copy link
Collaborator

per1234 commented Nov 20, 2025

@dependabot rebase.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-13714e1f08 branch from 85738d3 to 1f0bc1f Compare November 20, 2025 10:07
per1234
per1234 reviewed Nov 20, 2025
View reviewed changes
Copy link
Collaborator

@per1234 per1234 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See the review on the upstream copy of the asset:

arduino/tooling-project-assets#432 (review)

The assets have been updated upstream, but they still need to be updated in this repo.

@per1234 per1234 added the status: on hold Do not proceed at this time label Nov 20, 2025
@per1234 per1234 mentioned this pull request Nov 20, 2025
Closed
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-13714e1f08 branch 3 times, most recently from 4f417f4 to e7b6c63 Compare December 2, 2025 04:06
@dependabot
Bump glob and markdownlint-cli
74a8e6c 
Removes [glob](https://github.com/isaacs/node-glob). It's no longer used after updating ancestor dependency [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli). These dependencies need to be updated together.


Removes `glob`

Updates `markdownlint-cli` from 0.37.0 to 0.46.0
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](igorshubovych/markdownlint-cli@v0.37.0...v0.46.0)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 
  dependency-type: indirect
- dependency-name: markdownlint-cli
  dependency-version: 0.46.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-13714e1f08 branch from e7b6c63 to 74a8e6c Compare December 4, 2025 01:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@per1234 per1234 per1234 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@per1234 per1234

Labels

status: on hold Do not proceed at this time topic: infrastructure Related to project infrastructure type: imperfection Perceived defect in any part of project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@per1234