Back to Explore

juliangruber/brace-expansion

GitHub
2 updates · last 90 days1 watchersOpen source

Last release: 1 week ago

This JavaScript library implements brace expansion syntax similar to sh/bash (as documented for Bash). It provides an `expand(str, [options])` function that returns an array of all valid expanded strings, with an optional `max` limit to cap the number of generated expansions.

Project status

  • Actively maintained: The repository shows very recent activity (last upstream push on 2026-05-26) with multiple tagged updates in late May 2026, indicating it is not in maintenance mode.
  • Update cadence: At least two closely spaced updates appear (v2.1.1 on 2026-05-25, v1.1.15 on 2026-05-26), suggesting an active release period, though the broader cadence is not fully evidenced here.

AI summary generated Today

AI-generated from public sources. May be inaccurate. Report

Recent updates

  • v1.1.15

    1 week ago

    v1.1.15 is described in release notes only as a backport of a change from v5.0.6. The actual code diff shows substantive behavior changes, including a new (optional) max truncation mechanism for brace expansions and a fix for numeric sequence step handling that previously could cause runaway/infinite looping or extreme execution for inputs like {1..2..0}.

    SecurityFeatures

  • v2.1.1

    1 week ago

    v2.1.1 is described only as a backport of a change from v5.0.6 to the v2 line (PR #109). The actual code changes include adding a max-truncation mechanism to expansion, plus parser and sequence-generation logic adjustments that affect behavior for certain edge cases.

    SecurityFeatures

  • v1.1.12

    11 months ago

    Release v1.1.12 updates brace-expansion packaging and includes a regex fix intended to prevent ReDoS and improve performance. The code changes are small, affecting the parsing logic inside expand, and add a regression/performance test.

    Security

  • v2.0.2

    11 months ago

    v2.0.2 primarily targets a potential ReDoS or inefficient regular expression issue (#65). Release notes also mention minor formatting changes and a change to publish the package on the 2.x tag. The code diff shows additional internal refactoring and behavior changes around how brace expansions interact with `$`-prefixed sequences.

    Security

  • v3.0.1

    11 months ago

    Release v3.0.1 is described as a formatting change and a fix for a potential ReDoS/inefficient regular expression. However, the actual diff shows a much larger set of changes, including a migration from CommonJS to ES modules and a dependency major version bump.

    Security

  • v4.0.1

    11 months ago

    v4.0.1 primarily targets a potential ReDoS/inefficient regular expression issue (as noted in the release notes). The code diff also includes internal refactoring of brace escaping/unescaping logic and adds a regression test to measure execution time.

    Security

  • v4.0.0

    2/27/2024

    v4.0.0 bumps the library version and includes a change in how brace escaping and unescaping are implemented. The release notes also add a new tea.yaml file used for Tea configuration/release tooling.

    Features

  • v3.0.0

    10/7/2023

    This release (v3.0.0) converts the library to ES Modules, updates the balanced-match dependency, and modernizes the project tooling and CI (GitHub Actions). The test setup is migrated away from tape to Node's built-in node:test runner, and the codebase is updated to use modern JS syntax and formatting.

    BreakingFeatures

  • v1.1.11

    5/21/2019

    The provided release notes for v1.1.11 do not describe any specific code changes, fixes, or upgrade-related differences. They only restate the brace-expansion package purpose and its current API entry point (expand(str)) and behavior examples.

  • 1.1.11

    5/21/2019

    Release 1.1.11 has no publisher-provided release notes. The only code diff shows a CI configuration change, adding Node.js 10 to the Travis build matrix.