chore(deps): bump the npm_and_yarn group across 10 directories with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /.github/actions/compute-sha256 directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 3 updates in the /.github/actions/create-container_based-predicate directory: brace-expansion, minimatch and form-data.
Bumps the npm_and_yarn group with 2 updates in the /.github/actions/detect-workflow-js directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /.github/actions/generate-attestations directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /.github/actions/privacy-check directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 3 updates in the /.github/actions/sign-attestations directory: brace-expansion, minimatch and form-data.
Bumps the npm_and_yarn group with 2 updates in the /.github/actions/tscommon directory: brace-expansion and minimatch.
Bumps the npm_and_yarn group with 3 updates in the /.github/actions/verify-token directory: brace-expansion, minimatch and form-data.
Bumps the npm_and_yarn group with 3 updates in the /actions/delegator/setup-generic directory: brace-expansion, minimatch and form-data.

Updates brace-expansion from 2.0.1 to 2.0.2

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 5.1.6 to 5.1.9

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates minimatch from 9.0.5 to 9.0.9

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates openpgp from 6.1.0 to 6.3.0

Release notes

Sourced from openpgp's releases.

v6.3.0

What's Changed

• Support Node.js v24 (openpgpjs/openpgpjs#1896)
• Add config option to limit decompressed message size (openpgpjs/openpgpjs#1933) Since decompression can increase the memory usage non-linearly, add a config.maxDecompressedMessageSize option to limit the decompressed message size. By default it's set to Infinity, i.e. no limit. Set the config option to a number of bytes to limit the size of data that gets decompressed.
• Switch from seek-bzip to unbzip2-stream (openpgpjs/openpgpjs#1887) To facilitate the above.
• Use native CompressionStream/DecompressionStream when not streaming (openpgpjs/openpgpjs#1935) For improved compression/decompression performance when not streaming.
• Use bufferless transforms (openpgpjs/openpgpjs#1893) For lower memory usage, especially when streaming.
• JSDoc: make sure only user-facing entities are included in the docs, and add TS support (openpgpjs/openpgpjs#1923)
• Various dependency version bumps
• Various improvements to CI

Full Changelog: openpgpjs/openpgpjs@v6.2.2...v6.3.0

v6.2.2

What's Changed

• Fix zlib compression for data larger than 65KB (openpgpjs/openpgpjs#1894): Affected versions: v6.2.0 and v6.2.1 . As compression is disabled by default in openpgpjs, the issue only affects users who enabled zlib compression via e.g. config.preferredCompressionAlgorithm = openpgp.enums.compression.zlib and encrypted or signed data larger than 65KB.

Full Changelog: openpgpjs/openpgpjs@v6.2.1...v6.2.2

v6.2.1

What's Changed

• Lightweight build: lazy load tweetnacl dependency module (openpgpjs/openpgpjs#1877)
  • Key validation: use WebCrypto API when available for curve25519
• Internal dependency updates

Full Changelog: openpgpjs/openpgpjs@v6.2.0...v6.2.1

v6.2.0

What's Changed

• Implement OpenPGP message grammar validation (add config.enforceGrammar, enabled by default) (#1853)
• Enable using WebCrypto for X25519 when available (#1829)
• Prefer subkeys with higher algorithm IDs (in case of equal creation timestamps), on the assumption that that's the most modern/secure algorithm (#1854)
• Improve packet stream & error handling (#1856):
  • Packet parsing errors in not-yet-authenticated streams (i.e. SEIPDv1 with allowUnauthenticatedStream: true) get delayed until the decrypted data stream is authenticated
  • Non-critical unknown packets get turned into UnparseablePacket` objects on the packet stream instead of being ignored
• Make Issuer Key ID signature subpacket non-critical (#1828)
• Improve type definition for the User class (#1857)

New Contributors

... (truncated)

Commits

• e1cab74 6.3.0
• fccbc3e Use native Compression Streams API when not streaming (#1935)
• a61cf1f Add config option to limit decompressed message size (#1933)
• 6ab6b9c Tests: use native web streams when TransformStream is available (#1934)
• 1b2c842 [npm audit fix] bump glob and js-yaml (#1939)
• 341354f Tests: Stub navigator.hardwareConcurrency in Node v21+
• db9531d Tests: Bump mocha timeout for browser tests (#1941)
• d00821b CI: add workflow permissions (#1937)
• d27ef92 Bump playwright from 1.56.0 to 1.57.0 (#1936)
• 1af590a Switch from seek-bzip to unbzip2-stream (#1887)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by twiss, a new releaser for openpgp since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates tar-fs from 2.1.2 to 2.1.4

Commits

• f421a23 2.1.4
• c412fa1 refactor to same pattern as v3
• 4b7e868 2.1.3
• 266194b hardlink tweak from main
• See full diff in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates form-data from 3.0.1 to 3.0.4

Release notes

Sourced from form-data's releases.

v3.0.2

Fixes

• npmignore temporary build files (#532)
• move util.isArray to Array.isArray (#564)

Tests

• migrate from travis to GHA

Changelog

Sourced from form-data's changelog.

v3.0.4 - 2025-07-16

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] update linting config f5e7eb0
• [meta] add auto-changelog d2eb290
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
• [Fix] Switch to using crypto random for boundary values c6ced61
• [Refactor] use hasown 1a78b5d
• [Fix] validate boundary type in setBoundary() method 70bbaa0
• [Tests] add tests to check the behavior of getBoundary with non-strings b22a64e
• [meta] actually ensure the readme backup isn’t published 0150851
• [meta] remove local commit hooks fc42bb9
• [Dev Deps] remove unused deps a14d09e
• [meta] fix scripts to use prepublishOnly 11d9f73
• [meta] fix readme capitalization fc38b48

v3.0.3 - 2025-02-14

Merged

• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)

Fixed

• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)

Commits

• [Refactor] use Object.prototype.hasOwnProperty.call 7fecefe
• [Dev Deps] update @types/node, browserify, coveralls, cross-spawn, eslint, formidable, in-publish, pkgfiles, pre-commit, puppeteer, request, tape, typescript 8261fcb
• Only apps should have lockfiles b82f590
• [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl e5df7f2
• [Deps] update mime-types 5a5bafe

v3.0.2 - 2024-10-10

Merged

• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)

Commits

• [Tests] migrate from travis to GHA 8fdb3bc
• [eslint] clean up ignores 3217b3d
• fix: move util.isArray to Array.isArray (#564) edb555a

Commits

• 9c82fcd v3.0.4
• e8c574c [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
• c6ced61 [Fix] Switch to using crypto random for boundary values
• 0150851 [meta] actually ensure the readme backup isn’t published
• fc38b48 [meta] fix readme capitalization
• d2eb290 [meta] add auto-changelog
• fc42bb9 [meta] remove local commit hooks
• a14d09e [Dev Deps] remove unused deps
• 002b9b0 [Fix] append: avoid a crash on nullish values
• 70bbaa0 [Fix] validate boundary type in setBoundary() method
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates form-data from 3.0.1 to 3.0.4

Release notes

Sourced from form-data's releases.

v3.0.2

Fixes

• npmignore temporary build files (#532)
• move util.isArray to Array.isArray (#564)

Tests

• migrate from travis to GHA

Changelog

Sourced from form-data's changelog.

v3.0.4 - 2025-07-16

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] update linting config f5e7eb0
• [meta] add auto-changelog d2eb290
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
• [Fix] Switch to using crypto random for boundary values c6ced61
• [Refactor] use hasown 1a78b5d
• [Fix] validate boundary type in setBoundary() method 70bbaa0
• [Tests] add tests to check the behavior of getBoundary with non-strings b22a64e
• [meta] actually ensure the readme backup isn’t published 0150851
• [meta] remove local commit hooks fc42bb9
• [Dev Deps] remove unused deps a14d09e
• [meta] fix scripts to use prepublishOnly 11d9f73
• [meta] fix readme capitalization fc38b48

v3.0.3 - 2025-02-14

Merged

• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)

Fixed

• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)

Commits

• [Refactor] use Object.prototype.hasOwnProperty.call 7fecefe
• [Dev Deps] update @types/node, browserify, coveralls, cross-spawn, eslint, formidable, in-publish, pkgfiles, pre-commit, puppeteer, request, tape, typescript 8261fcb
• Only apps should have lockfiles b82f590
• [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl e5df7f2
• [Deps] update mime-types 5a5bafe

v3.0.2 - 2024-10-10

Merged

• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)

Commits

• [Tests] migrate from travis to GHA 8fdb3bc
• [eslint] clean up ignores 3217b3d
• fix: move util.isArray to Array.isArray (#564) edb555a

Commits

• 9c82fcd v3.0.4
• e8c574c [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
• c6ced61 [Fix] Switch to using crypto random for boundary values
• 0150851 [meta] actually ensure the readme backup isn’t published
• fc38b48 [meta] fix readme capitalization
• d2eb290 [meta] add auto-changelog
• fc42bb9 [meta] remove local commit hooks
• a14d09e [Dev Deps] remove unused deps
• 002b9b0 [Fix] append: avoid a crash on nullish values
• 70bbaa0 [Fix] validate boundary type in setBoundary() method
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v2.0.2

• pkg: publish on tag 2.x 14f1d91
• fmt ed7780a
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) 36603d5

---

juliangruber/brace-expansion@v2.0.1...v2.0.2

Commits

• a3efcee 2.0.2
• 14f1d91 pkg: publish on tag 2.x
• ed7780a fmt
• 36603d5 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 4419b6e 5.1.9
• 383ce59 docs: add warning about ReDoS
• b02ef18 fix partial matching of globstar patterns
• e92ae29 5.1.8
• 79e4447 limit recursion for **, improve perf considerably
• 85ec0ff lockfile update
• 647146e lock node version to 14
• 85646c8 5.1.7
• 977c2d8 update CI matrix and actions
• 421ad12 update test expectations for coalesced consecutive stars
• Additional commits viewable in compare view

Updates form-data from 3.0.1 to 3.0.4

Release notes

Sourced from form-data's releases.

v3.0.2

Fixes

• npmignore temporary build files (#532)
• move util.isArray to Array.isArray (#564)

Tests

• migrate from travis to GHA

Changelog

Sourced from form-data's changelog.

v3.0.4 - 2025-07-16

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] update linting config f5e7eb0
• [meta] add auto-changelog d2eb290
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
• [Fix] Switch to using crypto random for bounda...

  Description has been truncated