From eddf857dd4db733590671a5de8755727cbfa301c Mon Sep 17 00:00:00 2001
From: Continue Agent
Date: Sun, 1 Mar 2026 09:09:17 +0000
Subject: [PATCH] fix: add npm override to resolve minimatch vulnerabilities

Add an npm override to force @sentry/node to use minimatch@^9.0.7, which fixes three high severity vulnerabilities:
- SNYK-JS-MINIMATCH-15309438 (ReDoS)
- SNYK-JS-MINIMATCH-15353387 (ReDoS)
- SNYK-JS-MINIMATCH-15353389 (Inefficient Algorithmic Complexity)

The vulnerable minimatch@9.0.5 was a transitive dependency introduced by @sentry/profiling-node > @sentry/node.

Generated with [Continue](https://continue.dev)

Co-Authored-By: Continue
---
 extensions/cli/package-lock.json | 21 +++++++++++----------
 extensions/cli/package.json | 5 +++++
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/extensions/cli/package-lock.json b/extensions/cli/package-lock.json
index 0e6a44eec36..f5e560edc6b 100644
--- a/extensions/cli/package-lock.json
+++ b/extensions/cli/package-lock.json
@@ -121,8 +121,8 @@
 "dependencies": {
 "@anthropic-ai/sdk": "^0.62.0",
 "@aws-sdk/client-bedrock-runtime": "^3.931.0",
- "@aws-sdk/client-sagemaker-runtime": "^3.777.0",
- "@aws-sdk/credential-providers": "^3.931.0",
+ "@aws-sdk/client-sagemaker-runtime": "^3.894.0",
+ "@aws-sdk/credential-providers": "^3.974.0",
 "@continuedev/config-types": "^1.0.14",
 "@continuedev/config-yaml": "file:../packages/config-yaml",
 "@continuedev/fetch": "file:../packages/fetch",
@@ -201,6 +201,7 @@
 "@babel/preset-env": "^7.24.7",
 "@biomejs/biome": "1.6.4",
 "@google/generative-ai": "^0.11.4",
+ "@modelcontextprotocol/ext-apps": "^1.0.1",
 "@shikijs/colorized-brackets": "^3.7.0",
 "@shikijs/transformers": "^3.7.0",
 "@types/diff": "^7.0.1",
@@ -272,16 +273,16 @@
 "dev": true,
 "license": "Apache-2.0",
 "dependencies": {
- "@ai-sdk/anthropic": "^1.0.10",
- "@ai-sdk/openai": "^1.0.10",
+ "@ai-sdk/anthropic": "^3.0.44",
+ "@ai-sdk/openai": "^3.0.29",
 "@anthropic-ai/sdk": "^0.67.0",
 "@aws-sdk/client-bedrock-runtime": "^3.931.0",
- "@aws-sdk/credential-providers": "^3.931.0",
+ "@aws-sdk/credential-providers": "^3.974.0",
 "@continuedev/config-types": "^1.0.14",
 "@continuedev/config-yaml": "^1.38.0",
 "@continuedev/fetch": "^1.6.0",
 "@google/genai": "^1.30.0",
- "ai": "^4.0.33",
+ "ai": "^6.0.86",
 "dotenv": "^16.5.0",
 "google-auth-library": "^10.4.1",
 "json-schema": "^0.4.0",
@@ -4921,12 +4922,12 @@
 }
 },
 "node_modules/@sentry/node/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.9",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+ "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
 "license": "ISC",
 "dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^2.0.2"
 },
 "engines": {
 "node": ">=16 || 14 >=14.17"
diff --git a/extensions/cli/package.json b/extensions/cli/package.json
index 98e2b26d511..a759fda2f18 100644
--- a/extensions/cli/package.json
+++ b/extensions/cli/package.json
@@ -139,6 +139,11 @@
 "engine": {
 "node": ">=18"
 },
+ "overrides": {
+ "@sentry/node": {
+ "minimatch": "^9.0.7"
+ }
+ },
 "optionalDependencies": {
 "@img/sharp-darwin-arm64": "^0.33.5",
 "@img/sharp-darwin-x64": "^0.33.5",
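Review bot: The `overrides` block added to extensions/cli/package.json is honoured by npm only when this package is the root of the install. npm ignores `overrides` declared by a package that is itself installed as a dependency, so if the CLI is published and installed from the registry, consumers may still resolve the old minimatch under `@sentry/node`. The override is also scoped to `@sentry/node` alone, so running `npm ls minimatch` after a clean install would confirm that no other vulnerable copy remains elsewhere in the tree. A more durable fix, if such a release exists, is to bump `@sentry/profiling-node`/`@sentry/node` to a version that already depends on a patched minimatch and then drop the override. Separately, the lockfile part of this commit changes ranges the message does not mention (`ai` from `^4.0.33` to `^6.0.86`, `@ai-sdk/anthropic` and `@ai-sdk/openai` from `^1` to `^3`, a new `@modelcontextprotocol/ext-apps` entry); this looks like a regeneration side effect and should be reviewed on its own rather than ride along with a security fix.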