Bump minimatch, rollup-plugin-sass and serve

[dependabot]

Bumps minimatch to 3.1.5 and updates ancestor dependencies minimatch, rollup-plugin-sass and serve. These dependencies need to be updated together.

Updates minimatch from 3.0.4 to 3.1.5

Commits

• 7bba978 3.1.5
• bd25942 docs: add warning about ReDoS
• 1a9c27c fix partial matching of globstar patterns
• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• Additional commits viewable in compare view

Updates rollup-plugin-sass from 0.6.1 to 1.15.3

Release notes

Sourced from rollup-plugin-sass's releases.

Maintenance Release

What's Changed

• chore: npm up to remove third party dep vulnerabilities by @​elycruz in elycruz/rollup-plugin-sass#184

Full Changelog: elycruz/rollup-plugin-sass@v1.15.2...v1.15.3

Cheers, Maintainers

v1.15.2 - Version Fix

What's Changed

• chore(release): bump 1.15.2 by @​marcalexiei in elycruz/rollup-plugin-sass#181

Full Changelog: elycruz/rollup-plugin-sass@v1.15.1...v1.15.2

Maintenance Release

What's Changed

• chore + refactor: add eslint and async generate bundle func. by @​marcalexiei in elycruz/rollup-plugin-sass#179

Full Changelog: elycruz/rollup-plugin-sass@v1.15.0...v1.15.1

v1.15.0

What's Changed

• chore(release): update actions by @​marcalexiei in elycruz/rollup-plugin-sass#170
• chore(CI): add Node 22 and Windows to test matrix by @​marcalexiei in elycruz/rollup-plugin-sass#169
• add api option to allow switching to sass modern compiler by @​marcalexiei in elycruz/rollup-plugin-sass#166
• chore(deps-dev): bump happy-dom from 14.12.3 to 15.10.2 by @​dependabot in elycruz/rollup-plugin-sass#172
• feat: add processor css modules support by @​marcalexiei in elycruz/rollup-plugin-sass#174
• docs(README): remove repeated “packages“ word by @​marcalexiei in elycruz/rollup-plugin-sass#175
• chore: version bump by @​elycruz in elycruz/rollup-plugin-sass#178

Full Changelog: elycruz/rollup-plugin-sass@v1.14.0...v1.15.0

v1.14.0

Hi all, most changes in this release are development related, less one bugfix and one feature improvement:

• @​marcalexiei submitted an insertStyle module feature improvement to allow the module (when using the insert option) to not need special handling due to it's path including the "node_modules" name (e.g., 'dist/node_modules/...') - the module is now output to 'dist/_virtual' (based on your config), thanks to rollup's plugin API features (resolveId, and load).

Additionally, @​hamflx provided a fix for the 'insertStyle' module path getting erroneously output on MS Windows (e.g., wrong OS path separator, etc), though the fix is no longer required due to feature @​marcalexiei contribution above.

What's Changed

Feature improvements

• feat: output insertStyle as part of rollup bundle by @​marcalexiei in elycruz/rollup-plugin-sass#163

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by elycruz, a new releaser for rollup-plugin-sass since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates serve from 11.3.0 to 14.2.6

Release notes

Sourced from serve's releases.

v14.2.6

Patch Changes

• 7fcb924: Bump ajv to 8.18.0
• b3888f9: Update serve-handler to 6.1.7 to fix ReDoS vulnerabilities

v14.2.5

Patch Changes

• f4b6fbd: Update compression to v1.8.1

14.2.4

Patches

• Bump serve-handler, vitest, and `typescript: #812

14.2.3

Patches

• Bump @zeit/schemas to 2.36.0: #803

14.2.2

Patches

• fix: Update ajv from 8.11.0 to 8.12.0: #796

Credits

Huge thanks to @​legobeat for helping!

14.2.1

Patches

• Set Access-Control-Allow-Headers: * default response header: #775

Credits

Huge thanks to @​hood for helping!

14.2.0

Minor Changes

• Update CORS headers to support PNA spec: #753
• Bump @zeit/schemas package: #756

Patches

• Update the license year: #752

Credits

... (truncated)

Changelog

Sourced from serve's changelog.

14.2.6

Patch Changes

• 7fcb924: Bump ajv to 8.18.0
• b3888f9: Update serve-handler to 6.1.7 to fix ReDoS vulnerabilities

14.2.5

Patch Changes

• f4b6fbd: Update compression to v1.8.1

Commits

• f3c702c Version Packages (#846)
• 7fcb924 Add changeset for #842
• a2fecb3 chore(deps): update ajv to v8.18.0 (#842)
• b3888f9 Bump serve-handler to 6.1.7 (#845)
• efd2150 Version Packages (#829)
• 838721d Add missing setup step for Changeset (#832)
• e0d526a Fix changeset config (#831)
• f4b6fbd Add Changeset (#828)
• 7f2676a Update GitHub Actions workflows (#827)
• cfaff36 chore(deps): update compression to v1.8.1 (#824)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by vercel-release-bot, a new releaser for serve since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.