Bump picomatch and starlight-links-validator

[dependabot]

Bumps picomatch to 2.3.2 and updates ancestor dependencies picomatch and starlight-links-validator. These dependencies need to be updated together.

Updates picomatch from 2.3.1 to 2.3.2

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

• fix: exception when glob pattern contains constructor by @​Jason3S in micromatch/picomatch#144
• Fix for CVE-2026-33671
• Fix for CVE-2026-33672

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

• Fix bad text values in parse #126, thanks to @​connor4312

Changed

• Remove process global to work outside of node #129, thanks to @​styfle
• Add sideEffects to package.json #128, thanks to @​frandiox
• Removed os, make compatible browser environment. See #124, thanks to @​gwsbhqt

3.0.1

Fixes

... (truncated)

Commits

• 81cba8d Publish 2.3.2
• fc1f6b6 Merge commit from fork
• eec17ae Merge commit from fork
• 78f8ca4 Merge pull request #156 from micromatch/backport-144
• 3f4f10e Merge pull request #144 from Jason3S/jdent-object-properties
• See full diff in compare view

Updates picomatch from 4.0.2 to 4.0.4

Release notes

Sourced from picomatch's releases.

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

• fix: exception when glob pattern contains constructor by @​Jason3S in micromatch/picomatch#144
• Fix for CVE-2026-33671
• Fix for CVE-2026-33672

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

• Fix bad text values in parse #126, thanks to @​connor4312

Changed

• Remove process global to work outside of node #129, thanks to @​styfle
• Add sideEffects to package.json #128, thanks to @​frandiox
• Removed os, make compatible browser environment. See #124, thanks to @​gwsbhqt

3.0.1

Fixes

... (truncated)

Commits

• 81cba8d Publish 2.3.2
• fc1f6b6 Merge commit from fork
• eec17ae Merge commit from fork
• 78f8ca4 Merge pull request #156 from micromatch/backport-144
• 3f4f10e Merge pull request #144 from Jason3S/jdent-object-properties
• See full diff in compare view

Updates starlight-links-validator from 0.10.1 to 0.20.1

Release notes

Sourced from starlight-links-validator's releases.

starlight-links-validator@0.20.1

Patch Changes

• #139 01c0073 Thanks @​HiDeoo! - Fixes a regression in version 0.20.0 incorrectly reporting non HTTP-based URL links as invalid, e.g. mailto: links.

starlight-links-validator@0.20.0

Minor Changes

• #136 7f6b843 Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.38.0.

  Please follow the upgrade guide to update your project.

starlight-links-validator@0.19.2

Patch Changes

• #131 14f4d8d Thanks @​DaniFoldi! - Adds astro as a peer dependency to prevent potential build errors in monorepos with hoisting disabled.

starlight-links-validator@0.19.1

Patch Changes

• #127 2c0e83d Thanks @​HiDeoo! - Fixes validation issues with links containing query strings when using the Astro trailingSlash option.

starlight-links-validator@0.19.0

Minor Changes

• #123 e9cc59d Thanks @​HiDeoo! - Adds validation of hero action links in frontmatter.

• #123 e9cc59d Thanks @​HiDeoo! - Adds validation of previous and next page links in frontmatter.

starlight-links-validator@0.18.1

Patch Changes

• #121 242bc28 Thanks @​HiDeoo! - Setups trusted publishing using OpenID Connect (OIDC) authentication — no code changes.

starlight-links-validator@0.18.0

Minor Changes

• #118 efef54a Thanks @​HiDeoo! - Adds hyperlinks (OSC 8) support to validation terminal output.

  In supported terminals, error slugs can be conveniently used (e.g. with Ctrl+Click, Opt+Click, Cmd+Click, or a context menu) to open the corresponding file using the default associated application.

starlight-links-validator@0.17.2

Patch Changes

• #115 b042c61 Thanks @​trueberryless! - Fixes validation issue for links to Starlight page's title anchor, e.g. /getting-started/#_top.

starlight-links-validator@0.17.1

Patch Changes

... (truncated)

Changelog

Sourced from starlight-links-validator's changelog.

0.20.1

Patch Changes

• #139 01c0073 Thanks @​HiDeoo! - Fixes a regression in version 0.20.0 incorrectly reporting non HTTP-based URL links as invalid, e.g. mailto: links.

0.20.0

Minor Changes

• #136 7f6b843 Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.38.0.

  Please follow the upgrade guide to update your project.

0.19.2

Patch Changes

• #131 14f4d8d Thanks @​DaniFoldi! - Adds astro as a peer dependency to prevent potential build errors in monorepos with hoisting disabled.

0.19.1

Patch Changes

• #127 2c0e83d Thanks @​HiDeoo! - Fixes validation issues with links containing query strings when using the Astro trailingSlash option.

0.19.0

Minor Changes

• #123 e9cc59d Thanks @​HiDeoo! - Adds validation of hero action links in frontmatter.

• #123 e9cc59d Thanks @​HiDeoo! - Adds validation of previous and next page links in frontmatter.

0.18.1

Patch Changes

• #121 242bc28 Thanks @​HiDeoo! - Setups trusted publishing using OpenID Connect (OIDC) authentication — no code changes.

0.18.0

Minor Changes

• #118 efef54a Thanks @​HiDeoo! - Adds hyperlinks (OSC 8) support to validation terminal output.

  In supported terminals, error slugs can be conveniently used (e.g. with Ctrl+Click, Opt+Click, Cmd+Click, or a context menu) to open the corresponding file using the default associated application.

... (truncated)

Commits

• ef56e1f ci: release (#140)
• 01c0073 Fix non HTTP-based URL links (#139)
• 4a92995 ci: release (#137)
• 7f6b843 Add support for Astro v6 (#136)
• 17e41f3 ci: release (#132)
• 14f4d8d chore: Add astro to peerdependencies (#131)
• 4dca73e ci: release (#128)
• 2c0e83d fix: trailingSlash & query string validation (#127)
• 93838fe ci: release (#124)
• e9cc59d Frontmatter links validation (#123)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for starlight-links-validator since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.