Skip to content

Bump minimatch, mocha, eth-gas-reporter and solidity-coverage in /src-upgradeable/lib-upgradeable/utility-contracts/lib/openzeppelin-contracts#155

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/src-upgradeable/lib-upgradeable/utility-contracts/lib/openzeppelin-contracts/multi-6b8e89be61
Open

Bump minimatch, mocha, eth-gas-reporter and solidity-coverage in /src-upgradeable/lib-upgradeable/utility-contracts/lib/openzeppelin-contracts#155
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/src-upgradeable/lib-upgradeable/utility-contracts/lib/openzeppelin-contracts/multi-6b8e89be61

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 28, 2026

Bumps minimatch to 3.1.5 and updates ancestor dependencies minimatch, mocha, eth-gas-reporter and solidity-coverage. These dependencies need to be updated together.

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates minimatch from 5.1.0 to 5.1.9

Commits

Updates mocha from 10.0.0 to 10.8.2

Release notes

Sourced from mocha's releases.

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

  • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
  • test link in html reporter (#5224) (f054acc)

📚 Documentation

  • indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

  • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

  • deps: bump the github-actions group with 1 update (#5132) (e536ab2)

v10.8.1

10.8.1 (2024-10-29)

🩹 Fixes

v10.8.0

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

... (truncated)

Changelog

Sourced from mocha's changelog.

10.8.2 (2024-10-30)

🩹 Fixes

  • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
  • test link in html reporter (#5224) (f054acc)

📚 Documentation

  • indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

  • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

  • deps: bump the github-actions group with 1 update (#5132) (e536ab2)

10.8.1 (2024-10-29)

🩹 Fixes

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

🧹 Chores

  • fix npm scripts on windows (#5219) (1173da0)
  • remove trailing whitespace in SECURITY.md (7563e59)

10.7.3 (2024-08-09)

... (truncated)

Commits
  • 05097db chore(main): release 10.8.2 (#5239)
  • 14e640e docs: indicate 'exports' interface does not work in browsers (#5181)
  • 881e3b0 chore: fix docs builds by re-adding eleventy and ignoring gitignore again (#5...
  • f054acc fix: test link in html reporter (#5224)
  • e536ab2 build(deps): bump the github-actions group with 1 update (#5132)
  • ba0fefe fix: support errors with circular dependencies in object values with --parall...
  • f44f71b chore(main): release 10.8.1 (#5238)
  • f72bc17 fix: handle case of invalid package.json with no explicit config (#5198)
  • 68803b6 fix: use accurate test links in HTML reporter (#5228)
  • d8ca270 fix: Typos on mochajs.org (#5237)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.


Updates eth-gas-reporter from 0.2.25 to 0.2.27

Release notes

Sourced from eth-gas-reporter's releases.

v0.2.27

What's Changed

Full Changelog: cgewecke/eth-gas-reporter@v0.2.26...v0.2.27

v0.2.26

What's Changed

New Contributors

Full Changelog: cgewecke/eth-gas-reporter@v0.2.2...v0.2.26

Changelog

Sourced from eth-gas-reporter's changelog.

0.2.27 / 2023-09-30

0.2.26 / 2023-09-29

0.2.23 / 2021-11-26

0.2.22 / 2021-03-04

0.2.21 / 2021-02-16

0.2.20 / 2020-12-01

  • Add support for remote contracts data pre-loading (hardhat-gas-reporter feature)

0.2.19 / 2020-10-29

  • Delegate contract loading/parsing to artifactor & make optional (#227)

0.2.18 / 2020-10-13

  • Support multiple codechecks reports per CI run
  • Add CI error threshold options: maxMethodDiff, maxDeploymentDiff
  • Add async collection methods for BuidlerEVM
  • Update solidity-parser/parser to 0.8.0 (contribution: @​vicnaum)
  • Update dev deps / use Node 12 in CI

0.2.17 / 2020-04-13

  • Use @​solidity-parser/parser for better solc 0.6.x parsing
  • Upgrade Mocha to ^7.1.1 (to remove minimist vuln warning)
  • Stop crashing when parser or ABI Encoder fails
  • Update @​ethersproject/abi to ^5.0.0-beta.146 (and unpin)

... (truncated)

Commits

Updates solidity-coverage from 0.8.2 to 0.8.17

Release notes

Sourced from solidity-coverage's releases.

0.8.17 (Osaka Support)

This release contains changes to support the Osaka hardfork (thanks to @​fvictorio 💯 ).

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.16...v0.8.17

0.8.16

Support for custom storage layout syntax

This version updates the plugin's parser dependency to support the layout and at keywords introduced in Solidity v0.8.29

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.15...v0.8.16

0.8.15

Speed up test runs when using viaIR

This release adds an irMinimum option which should improve execution speeds if you're generating coverage with solc's viaIR mode enabled. The plugin has handled viaIR for about a year but it runs more slowly in that setting because it has to search for execution traces across a wider range of opcodes. The performance hit is especially notable in solidity code that iterates hundreds of times in loops.

NOTE: Not all code will compile withirMinimum (you may get stack-too-deep errors unfortunately). But if yours does, this option should make things faster for you.

Usage

// .solcover.js
module.exports = {
  irMinimum: true,
}

What's Changed

New Contributors

Full Changelog: sc-forks/solidity-coverage@v0.8.14...v0.8.15

0.8.14

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from solidity-coverage's changelog.

Changelog

0.8.11 / 2024-03-07

0.8.10 / 2024-02-29

0.8.9 / 2024-02-27

0.8.8 / 2024-02-21

0.8.7 / 2024-02-09

0.8.6 / 2024-01-28

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump minimatch, mocha, eth-gas-reporter and solidity-coverage
8e77ad6 
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.1.5 and updates ancestor dependencies [minimatch](https://github.com/isaacs/minimatch), [mocha](https://github.com/mochajs/mocha), [eth-gas-reporter](https://github.com/cgewecke/eth-gas-reporter) and [solidity-coverage](https://github.com/sc-forks/solidity-coverage). These dependencies need to be updated together.


Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `minimatch` from 5.1.0 to 5.1.9
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `mocha` from 10.0.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v10.0.0...v10.8.2)

Updates `eth-gas-reporter` from 0.2.25 to 0.2.27
- [Release notes](https://github.com/cgewecke/eth-gas-reporter/releases)
- [Changelog](https://github.com/cgewecke/eth-gas-reporter/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cgewecke/eth-gas-reporter/commits/v0.2.27)

Updates `solidity-coverage` from 0.8.2 to 0.8.17
- [Release notes](https://github.com/sc-forks/solidity-coverage/releases)
- [Changelog](https://github.com/sc-forks/solidity-coverage/blob/master/CHANGELOG.md)
- [Commits](sc-forks/solidity-coverage@v0.8.2...v0.8.17)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
- dependency-name: minimatch
  dependency-version: 5.1.9
  dependency-type: indirect
- dependency-name: mocha
  dependency-version: 10.8.2
  dependency-type: indirect
- dependency-name: eth-gas-reporter
  dependency-version: 0.2.27
  dependency-type: indirect
- dependency-name: solidity-coverage
  dependency-version: 0.8.17
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 28, 2026
@socket-security
Copy link

socket-security bot commented Feb 28, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedsolidity-coverage@​0.8.179810010085100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants