Skip to content

Commit 615fbc6

Browse files
ericfitzclaude
ericfitz
and
claude
committed
fix(deps): patch brace-expansion vulnerabilities via overrides
Override brace-expansion@<2.0.3 to 2.0.3 and brace-expansion@>=4.0.0<5.0.5 to 5.0.5, resolving GHSA-f886-m6hf-6m8v (moderate: zero-step sequence causes process hang and memory exhaustion). pnpm audit now reports zero known vulnerabilities. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent c08e05f commit 615fbc6

2 files changed

Lines changed: 14 additions & 23 deletions

File tree

package.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,9 @@
1313
"fast-xml-parser@<5.5.7": "5.5.7",
1414
"picomatch@>=4.0.0 <4.0.4": "4.0.4",
1515
"yaml@<1.10.3": "1.10.3",
16-
"handlebars@>=4.0.0 <4.7.9": "4.7.9"
16+
"handlebars@>=4.0.0 <4.7.9": "4.7.9",
17+
"brace-expansion@<2.0.3": "2.0.3",
18+
"brace-expansion@>=4.0.0 <5.0.5": "5.0.5"
1719
}
1820
},
1921
"scripts": {

pnpm-lock.yaml

Lines changed: 11 additions & 22 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)