Skip to content

Commit 875e5a1

Browse files
jdaltonjdalton
authored
fix: upgrade brace-expansion to 5.0.5 (CVE-2026-33750) (#1132)
Zero-step sequence causes process hang and memory exhaustion.
1 parent 06aaa34 commit 875e5a1

2 files changed

Lines changed: 16 additions & 14 deletions

File tree

pnpm-lock.yaml

Lines changed: 15 additions & 13 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pnpm-workspace.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ catalog:
6060
aggregate-error: npm:@socketregistry/aggregate-error@^1.0.15
6161
ajv-dist: 8.17.1
6262
ansi-regex: 6.2.2
63-
brace-expansion: 2.0.2
63+
brace-expansion: 5.0.5
6464
browserslist: 4.25.4
6565
chalk-table: 1.0.2
6666
cmd-shim: 7.0.0

0 commit comments

Comments
 (0)