From a980ddaf3da6d2a113088bc64c8e7943403b8306 Mon Sep 17 00:00:00 2001
From: Antonis Lilis <antonis.lilis@sentry.io>
Date: Thu, 2 Apr 2026 11:38:39 +0200
Subject: [PATCH] chore(deps): bump brace-expansion to ^2.0.3

Fixes Dependabot alert for zero-step sequence causing process hang.

https://github.com/getsentry/sentry-react-native/security/dependabot/484

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 package.json | 5 ++++-
 yarn.lock    | 8 ++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 5d9252a72a..83320e55a7 100644
--- a/package.json
+++ b/package.json
@@ -115,7 +115,10 @@
     "minimatch@npm:10.2.4/brace-expansion": "^5.0.5",
     "@appium/base-driver@npm:10.2.2/path-to-regexp": "^8.4.0",
     "router@npm:2.2.0/path-to-regexp": "^8.4.0",
-    "yaml": "^2.8.3"
+    "yaml": "^2.8.3",
+    "minimatch@npm:5.1.9/brace-expansion": "^2.0.3",
+    "minimatch@npm:8.0.7/brace-expansion": "^2.0.3",
+    "minimatch@npm:9.0.9/brace-expansion": "^2.0.3"
   },
   "version": "0.0.0",
   "name": "sentry-react-native",
diff --git a/yarn.lock b/yarn.lock
index febb1cfb49..ab1be7a68a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -13924,12 +13924,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"brace-expansion@npm:^2.0.1, brace-expansion@npm:^2.0.2":
-  version: 2.0.2
-  resolution: "brace-expansion@npm:2.0.2"
+"brace-expansion@npm:^2.0.3":
+  version: 2.0.3
+  resolution: "brace-expansion@npm:2.0.3"
   dependencies:
     balanced-match: ^1.0.0
-  checksum: 01dff195e3646bc4b0d27b63d9bab84d2ebc06121ff5013ad6e5356daa5a9d6b60fa26cf73c74797f2dc3fbec112af13578d51f75228c1112b26c790a87b0488
+  checksum: e9dd66caaf0784126e1654f1bc19adb28f3ef86f39f2226f833f7700ec727c141f6cd85eaa47bacf3426beda01c9fbc3a2f28174cf59330dc9b58ffaf9e09d96
   languageName: node
   linkType: hard