From 4aad91dd9896ee46b5869172b1720ae831502e13 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:08:03 -0700 Subject: [PATCH 01/13] ci: attempt to get flakey ci working --- appveyor.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/appveyor.yml b/appveyor.yml index 8ead79d..f6cfcfb 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -10,6 +10,7 @@ environment: install: - ps: Install-Product node $env:nodejs_version + - npm install -g npm@6.4.1 - npm install test_script: From a98874f1a59e407f4fb1beb0db4efa8392da60bb Mon Sep 17 00:00:00 2001 From: Denis Malinochkin Date: Sun, 22 Mar 2020 01:11:27 +0300 Subject: [PATCH 02/13] fix: unescape exclamation mark (#26) --- index.js | 2 +- test/index.test.js | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/index.js b/index.js index 2ded6ea..789dbbf 100644 --- a/index.js +++ b/index.js @@ -8,7 +8,7 @@ var slash = '/'; var backslash = /\\/g; var enclosure = /[\{\[].*[\/]*.*[\}\]]$/; var globby = /(^|[^\\])([\{\[]|\([^\)]+$)/; -var escaped = /\\([\*\?\|\[\]\(\)\{\}])/g; +var escaped = /\\([\!\*\?\|\[\]\(\)\{\}])/g; /** * @param {string} str diff --git a/test/index.test.js b/test/index.test.js index d3e7a71..c13bf04 100644 --- a/test/index.test.js +++ b/test/index.test.js @@ -78,6 +78,7 @@ describe('glob-parent', function() { assert.equal(gp('[bar]/'), '.'); assert.equal(gp('./\\[bar]'), './[bar]'); assert.equal(gp('\\[bar]/'), '[bar]'); + assert.equal(gp('\\!dir/*'), '!dir'); assert.equal(gp('[bar\\]/'), '.'); assert.equal(gp('path/foo \\[bar]/'), 'path/foo [bar]'); assert.equal(gp('path/\\{foo,bar}/'), 'path/{foo,bar}'); From 4731d2b1cb0fcd8671129746e9e035cca6bfa42a Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:14:08 -0700 Subject: [PATCH 03/13] ci: add npm revert step to azure --- .ci/.azure-pipelines-steps.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.ci/.azure-pipelines-steps.yml b/.ci/.azure-pipelines-steps.yml index b54ea9b..5f99800 100644 
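Review bot: The `escaped` pattern changed in the PATCH 02 index.js hunk now strips the backslash from `\!` as well, but nothing beside the regex says what the character list means or what the returned string is safe for. A one-line comment above it would help, e.g. `// glob metacharacters whose backslash escape is removed from the returned parent path`. The added test shows `gp('\\!dir/*')` yielding `!dir`, so the return value is a literal path and not a pattern. A caller that feeds it back into a glob matcher would presumably see the leading `!` read as negation, which is worth stating in the function's JSDoc. The function that applies `escaped` lies outside this hunk.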
--- a/.ci/.azure-pipelines-steps.yml +++ b/.ci/.azure-pipelines-steps.yml @@ -4,6 +4,9 @@ steps: versionSpec: '$(node_version)' displayName: Use Node $(node_version) +- script: npm install -g npm@6.4.1 + displayName: Revert npm to 6.4.1 (known working) + - script: npm install displayName: npm install From 473f5d87644bf19f32c53de21d2420f03aa02e5a Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:23:22 -0700 Subject: [PATCH 04/13] ci: update azure build images --- .ci/.azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.ci/.azure-pipelines.yml b/.ci/.azure-pipelines.yml index 9294859..46f73c7 100644 --- a/.ci/.azure-pipelines.yml +++ b/.ci/.azure-pipelines.yml @@ -21,7 +21,7 @@ jobs: - job: Test_Windows displayName: Run Tests on Windows pool: - vmImage: vs2017-win2016 + vmImage: "windows-2019" strategy: matrix: Node_v10: @@ -36,7 +36,7 @@ jobs: - job: Test_MacOS displayName: Run Tests on MacOS pool: - vmImage: macos-10.13 + vmImage: "macOS-10.15" strategy: matrix: Node_v10: From 0b5b37f674a7e207457c99cb2f123299e5ab31c9 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:27:08 -0700 Subject: [PATCH 05/13] ci: put the npm step back in for only Windows --- .ci/.azure-pipelines-steps.yml | 7 ++++--- .ci/.azure-pipelines.yml | 2 ++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.ci/.azure-pipelines-steps.yml b/.ci/.azure-pipelines-steps.yml index 5f99800..86d0984 100644 --- a/.ci/.azure-pipelines-steps.yml +++ b/.ci/.azure-pipelines-steps.yml @@ -1,12 +1,13 @@ steps: +- script: npm i -g npm@$(npm_version) + displayName: Use non-broken npm version $(npm_version) + condition: ne(variables['npm_version'], '') + - task: NodeTool@0 inputs: versionSpec: '$(node_version)' displayName: Use Node $(node_version) -- script: npm install -g npm@6.4.1 - displayName: Revert npm to 6.4.1 (known working) - - script: npm install displayName: npm install 
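Review bot: In the PATCH 05 hunk for .ci/.azure-pipelines-steps.yml the `npm i -g npm@$(npm_version)` step sits ahead of the `NodeTool@0` task, so it runs with whatever Node and npm the agent image ships, not the `$(node_version)` toolchain. If NodeTool then puts its own Node and bundled npm first on PATH, the later `npm install` may not use the pinned npm at all; this is inferred from the step order and should be confirmed on a Windows run. Moving the step below `displayName: Use Node $(node_version)` and following it with `- script: npm --version` would make the pin verifiable in the build log.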
diff --git a/.ci/.azure-pipelines.yml b/.ci/.azure-pipelines.yml index 46f73c7..195683a 100644 --- a/.ci/.azure-pipelines.yml +++ b/.ci/.azure-pipelines.yml @@ -26,8 +26,10 @@ jobs: matrix: Node_v10: node_version: 10 + npm_version: 6.4.1 Node_v8: node_version: 8 + npm_version: 6.4.1 Node_v6: node_version: 6 steps: From 5d39def48c9e9eaee0ca36dafdf7b6cdcd875b85 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:33:06 -0700 Subject: [PATCH 06/13] ci: attempt to switch to published coveralls --- .ci/.azure-pipelines-steps.yml | 10 +++------- package.json | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.ci/.azure-pipelines-steps.yml b/.ci/.azure-pipelines-steps.yml index 86d0984..22b0695 100644 --- a/.ci/.azure-pipelines-steps.yml +++ b/.ci/.azure-pipelines-steps.yml @@ -17,14 +17,10 @@ steps: - script: npm run coveralls displayName: Run coveralls env: - # Pretend to be AppVeyor for now - APPVEYOR: true - APPVEYOR_BUILD_NUMBER: $(Build.BuildNumber) - APPVEYOR_BUILD_ID: $(Agent.OS)_$(node_version) - APPVEYOR_REPO_COMMIT: $(Build.SourceVersion) - APPVEYOR_REPO_BRANCH: $(Build.SourceBranchName) - # Overwrite the AppVeyor Service Name COVERALLS_SERVICE_NAME: Azure Pipelines + COVERALLS_SERVICE_NUMBER: $(Build.BuildNumber) + COVERALLS_SERVICE_JOB_ID: $(Agent.OS)_$(node_version) + COVERALLS_GIT_BRANCH: $(Build.SourceBranchName) COVERALLS_REPO_TOKEN: $(COVERALLS_REPO_TOKEN_SECRET) COVERALLS_PARALLEL: true CI_PULL_REQUEST: $(System.PullRequest.PullRequestNumber) diff --git a/package.json b/package.json index 0f7ec23..7b44b40 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "is-glob": "^4.0.1" }, "devDependencies": { - "coveralls": "github:phated/node-coveralls#2.x", + "coveralls": "^3.0.11", "eslint": "^2.13.1", "eslint-config-gulp": "^3.0.1", "expect": "^1.20.2", From 749c35ee084498ebb1ce8cc9cf655f6aa4d623c5 Mon Sep 17 00:00:00 2001 
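Review bot: The coveralls step in the PATCH 06 hunk for .ci/.azure-pipelines-steps.yml passes `COVERALLS_REPO_TOKEN` into `npm run coveralls`, while the package.json hunk of the same commit resolves that tool from the range `^3.0.11`, so any later 3.x release and its transitive dependencies run with the token in their environment. No lockfile is visible in this series; if none is committed, an exact pin such as `"coveralls": "3.0.11"` or a lockfile-based install would narrow what code can see the secret. The `CI_PULL_REQUEST` variable suggests the step also runs for pull requests, so it is worth confirming that the secret variable is not exposed to builds of fork PRs.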
From: Blaine Bublitz Date: Sat, 21 Mar 2020 15:46:39 -0700 Subject: [PATCH 07/13] ci: try wrapping the JOB_ID in a string --- .ci/.azure-pipelines-steps.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/.azure-pipelines-steps.yml b/.ci/.azure-pipelines-steps.yml index 22b0695..59369c3 100644 --- a/.ci/.azure-pipelines-steps.yml +++ b/.ci/.azure-pipelines-steps.yml @@ -19,7 +19,7 @@ steps: env: COVERALLS_SERVICE_NAME: Azure Pipelines COVERALLS_SERVICE_NUMBER: $(Build.BuildNumber) - COVERALLS_SERVICE_JOB_ID: $(Agent.OS)_$(node_version) + COVERALLS_SERVICE_JOB_ID: "$(Agent.OS)_$(node_version)" COVERALLS_GIT_BRANCH: $(Build.SourceBranchName) COVERALLS_REPO_TOKEN: $(COVERALLS_REPO_TOKEN_SECRET) COVERALLS_PARALLEL: true From 9b6e8747ddf664c9b1a36fbd2a23e43a35b8a52f Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 21 Mar 2020 16:03:39 -0700 Subject: [PATCH 08/13] chore: release 5.1.1 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 7b44b40..1dfd6bc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "glob-parent", - "version": "5.1.0", + "version": "5.1.1", "description": "Extract the non-magic parent path from a glob string.", "author": "Gulp Team (https://gulpjs.com/)", "contributors": [ From 2b24ebd64b2a045aa167c825376335555da139fd Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Tue, 26 Jan 2021 20:19:00 -0700 Subject: [PATCH 09/13] chore: generate initial changelog --- CHANGELOG.md | 103 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..0a0938b --- /dev/null +++ b/CHANGELOG.md 
@@ -0,0 +1,103 @@ +### [5.1.1](https://github.com/gulpjs/glob-parent/compare/v5.1.0...v5.1.1) (2021-01-27) + + +### Bug Fixes + +* unescape exclamation mark ([#26](https://github.com/gulpjs/glob-parent/issues/26)) ([a98874f](https://github.com/gulpjs/glob-parent/commit/a98874f1a59e407f4fb1beb0db4efa8392da60bb)) + +## [5.1.0](https://github.com/gulpjs/glob-parent/compare/v5.0.0...v5.1.0) (2021-01-27) + + +### Features + +* add `flipBackslashes` option to disable auto conversion of slashes (closes [#24](https://github.com/gulpjs/glob-parent/issues/24)) ([#25](https://github.com/gulpjs/glob-parent/issues/25)) ([eecf91d](https://github.com/gulpjs/glob-parent/commit/eecf91d5e3834ed78aee39c4eaaae654d76b87b3)) + +## [5.0.0](https://github.com/gulpjs/glob-parent/compare/v4.0.0...v5.0.0) (2021-01-27) + + +### ⚠ BREAKING CHANGES + +* Drop support for node <6 & bump dependencies + +### Miscellaneous Chores + +* Drop support for node <6 & bump dependencies ([896c0c0](https://github.com/gulpjs/glob-parent/commit/896c0c00b4e7362f60b96e7fc295ae929245255a)) + +## [4.0.0](https://github.com/gulpjs/glob-parent/compare/v3.1.0...v4.0.0) (2021-01-27) + + +### ⚠ BREAKING CHANGES + +* question marks are valid path characters on Windows so avoid flagging as a glob when alone +* Update is-glob dependency + +### Features + +* hoist regexps and strings for performance gains ([4a80667](https://github.com/gulpjs/glob-parent/commit/4a80667c69355c76a572a5892b0f133c8e1f457e)) +* question marks are valid path characters on Windows so avoid flagging as a glob when alone ([2a551dd](https://github.com/gulpjs/glob-parent/commit/2a551dd0dc3235e78bf3c94843d4107072d17841)) +* Update is-glob dependency ([e41fcd8](https://github.com/gulpjs/glob-parent/commit/e41fcd895d1f7bc617dba45c9d935a7949b9c281)) + +## [3.1.0](https://github.com/gulpjs/glob-parent/compare/v3.0.1...v3.1.0) (2021-01-27) + + +### Features + +* allow basic win32 backslash use 
([272afa5](https://github.com/gulpjs/glob-parent/commit/272afa5fd070fc0f796386a5993d4ee4a846988b)) +* handle extglobs (parentheses) containing separators ([7db1bdb](https://github.com/gulpjs/glob-parent/commit/7db1bdb0756e55fd14619e8ce31aa31b17b117fd)) +* new approach to braces/brackets handling ([8269bd8](https://github.com/gulpjs/glob-parent/commit/8269bd89290d99fac9395a354fb56fdcdb80f0be)) +* pre-process braces/brackets sections ([9ef8a87](https://github.com/gulpjs/glob-parent/commit/9ef8a87f66b1a43d0591e7a8e4fc5a18415ee388)) +* preserve escaped brace/bracket at end of string ([8cfb0ba](https://github.com/gulpjs/glob-parent/commit/8cfb0ba84202d51571340dcbaf61b79d16a26c76)) + + +### Bug Fixes + +* trailing escaped square brackets ([99ec9fe](https://github.com/gulpjs/glob-parent/commit/99ec9fecc60ee488ded20a94dd4f18b4f55c4ccf)) + +### [3.0.1](https://github.com/gulpjs/glob-parent/compare/v3.0.0...v3.0.1) (2021-01-27) + + +### Features + +* use path-dirname ponyfill ([cdbea5f](https://github.com/gulpjs/glob-parent/commit/cdbea5f32a58a54e001a75ddd7c0fccd4776aacc)) + + +### Bug Fixes + +* unescape glob-escaped dirnames on output ([598c533](https://github.com/gulpjs/glob-parent/commit/598c533bdf49c1428bc063aa9b8db40c5a86b030)) + +## [3.0.0](https://github.com/gulpjs/glob-parent/compare/v2.0.0...v3.0.0) (2021-01-27) + + +### ⚠ BREAKING CHANGES + +* update is-glob dependency + +### Features + +* update is-glob dependency ([5c5f8ef](https://github.com/gulpjs/glob-parent/commit/5c5f8efcee362a8e7638cf8220666acd8784f6bd)) + +## [2.0.0](https://github.com/gulpjs/glob-parent/compare/v1.3.0...v2.0.0) (2021-01-27) + + +### Features + +* move up to dirname regardless of glob characters ([f97fb83](https://github.com/gulpjs/glob-parent/commit/f97fb83be2e0a9fc8d3b760e789d2ecadd6aa0c2)) + +## [1.3.0](https://github.com/gulpjs/glob-parent/compare/v1.2.0...v1.3.0) (2021-01-27) + +## [1.2.0](https://github.com/gulpjs/glob-parent/compare/v1.1.0...v1.2.0) (2021-01-27) + + +### Reverts + 
+* feat: make regex test strings smaller ([dc80fa9](https://github.com/gulpjs/glob-parent/commit/dc80fa9658dca20549cfeba44bbd37d5246fcce0)) + +## [1.1.0](https://github.com/gulpjs/glob-parent/compare/v1.0.0...v1.1.0) (2021-01-27) + + +### Features + +* make regex test strings smaller ([cd83220](https://github.com/gulpjs/glob-parent/commit/cd832208638f45169f986d80fcf66e401f35d233)) + +## 1.0.0 (2021-01-27) + From 0b014a7962789b2d8f2cf0b6311f40667aecd62c Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Wed, 3 Feb 2021 10:06:45 -0800 Subject: [PATCH 10/13] chore: add JSDoc returns information (#33) --- index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/index.js b/index.js index 789dbbf..ef65a47 100644 --- a/index.js +++ b/index.js @@ -14,6 +14,7 @@ var escaped = /\\([\!\*\?\|\[\]\(\)\{\}])/g; * @param {string} str * @param {Object} opts * @param {boolean} [opts.flipBackslashes=true] + * @returns {string} */ module.exports = function globParent(str, opts) { var options = Object.assign({ flipBackslashes: true }, opts); From f9231168b0041fea3f8f954b3cceb56269fc6366 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Sat, 6 Mar 2021 13:16:16 -0800 Subject: [PATCH 11/13] fix: eliminate ReDoS (#36) This change fixes a regular expression denial of service vulnerability. Refs: https://github.com/gulpjs/glob-parent/issues/32 Refs: https://app.snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 --- index.js | 2 +- test/index.test.js | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/index.js b/index.js index ef65a47..09e257e 100644 --- a/index.js +++ b/index.js @@ -6,7 +6,7 @@ var isWin32 = require('os').platform() === 'win32'; var slash = '/'; var backslash = /\\/g; -var enclosure = /[\{\[].*[\/]*.*[\}\]]$/; +var enclosure = /[\{\[].*[\}\]]$/; var globby = /(^|[^\\])([\{\[]|\([^\)]+$)/; var escaped = /\\([\!\*\?\|\[\]\(\)\{\}])/g; diff --git a/test/index.test.js b/test/index.test.js index c13bf04..0a0291e 100644 --- a/test/index.test.js +++ b/test/index.test.js 
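Review bot: The replacement `enclosure` pattern in the PATCH 11 index.js hunk, `/[\{\[].*[\}\]]$/`, is still unanchored at the start and keeps a greedy `.*`, so an input with many opening braces or brackets and no closing one at the end is retried from every opener and rescanned to the end, which is quadratic in the input length instead of linear. That is far cheaper than the removed pattern, but the cost still grows with glob length wherever untrusted patterns reach this module. A backtracking-free check is possible: look at the last character first, then search the final line for an opener, as sketched below. The call site that uses `enclosure` is outside this hunk and would need to call the helper instead of `enclosure.test(str)`.

```javascript
// replaces: var enclosure = /[\{\[].*[\}\]]$/;
function isEnclosure(str) {
  var last = str.charAt(str.length - 1);
  if (last !== '}' && last !== ']') {
    return false;
  }
  // `.` in the old regex does not cross line terminators, so only the final line counts
  var tail = str.slice(0, -1).split(/[\n\r\u2028\u2029]/).pop();
  return tail.indexOf('{') !== -1 || tail.indexOf('[') !== -1;
}
// … unchanged: globby and escaped patterns …
```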
@@ -209,6 +209,13 @@ describe('glob2base test patterns', function() { done(); }); + + it('should not be susceptible to SNYK-JS-GLOBPARENT-1016905', function(done) { + // This will time out if susceptible. + gp('{' + '/'.repeat(5000)); + + done(); + }); }); if (isWin32) { From 12bcb6c45c942e2d05fc1e6ff5402e72555b54b6 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 6 Mar 2021 14:17:37 -0700 Subject: [PATCH 12/13] chore: release 5.1.2 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1dfd6bc..125c971 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "glob-parent", - "version": "5.1.1", + "version": "5.1.2", "description": "Extract the non-magic parent path from a glob string.", "author": "Gulp Team (https://gulpjs.com/)", "contributors": [ From eb2c439de448c779b450472e591a2bc9e37e9668 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Sat, 6 Mar 2021 14:19:12 -0700 Subject: [PATCH 13/13] chore: update changelog --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a0938b..fb9de96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +### [5.1.2](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) (2021-03-06) + + +### Bug Fixes + +* eliminate ReDoS ([#36](https://github.com/gulpjs/glob-parent/issues/36)) ([f923116](https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366)) + ### [5.1.1](https://github.com/gulpjs/glob-parent/compare/v5.1.0...v5.1.1) (2021-01-27)
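Review bot: The regression test added in the PATCH 11 test/index.test.js hunk asserts nothing and relies on the runner's timeout; because `gp()` is synchronous, a badly backtracking pattern would block the process until the call returns rather than fail promptly. Measuring the call and asserting a generous bound makes the failure explicit, e.g. `var start = Date.now(); gp('{' + '/'.repeat(5000)); assert.ok(Date.now() - start < 1000);`. The test also covers only the single input shape named in the advisory, so a second case built from repeated `{` with no closing brace would exercise the unanchored opener followed by `.*` that the new index.js pattern still contains. The `done` callback is not needed for a synchronous test body.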