Skip to content

Commit 5f1522c

Browse files
jdaltonjdalton
authored
fix: upgrade brace-expansion to 5.0.5 (CVE-2026-33750) (#115)
Zero-step sequence causes process hang and memory exhaustion.
1 parent be84544 commit 5f1522c

2 files changed

Lines changed: 12 additions & 8 deletions

File tree

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -807,6 +807,7 @@
807807
"@sigstore/core": "3.1.0",
808808
"@sigstore/sign": "4.1.0",
809809
"ansi-regex": "6.2.2",
810+
"brace-expansion": "5.0.5",
810811
"chownr": "3.0.0",
811812
"debug": "4.4.3",
812813
"execa": "5.1.1",

pnpm-lock.yaml

Lines changed: 11 additions & 8 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)