Skip to content

Commit c309805

Browse files
tobyhedetobyhede
committed
fix(deps): patch brace-expansion to >= 5.0.5 (CVE-2026-33750)
Infinite loop DoS via zero step value in brace patterns. Refs: CIP-2938
1 parent 4aac020 commit c309805

File tree

2 files changed

+6
-4
lines changed

2 files changed

+6
-4
lines changed

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,7 @@
4949
"overrides": {
5050
"@cipherstash/protect-ffi": "0.21.0",
5151
"@babel/runtime": "7.26.10",
52+
"brace-expansion@^5": ">=5.0.5",
5253
"body-parser": "2.2.1",
5354
"vite": "catalog:security",
5455
"pg": "^8.16.3",

pnpm-lock.yaml

Lines changed: 5 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)