Skip to content

Commit ab16216

Browse files
Mossakaclaude
Mossaka
and
claude
committed
fix: resolve high-severity minimatch vulnerability via npm override
Add npm overrides for minimatch>=10.2.1 to fix GHSA-3ppc-4f35-3m26 (ReDoS via repeated wildcards). This resolves 24 high-severity findings from transitive deps in jest, eslint, and typescript-eslint. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 14b5e6a commit ab16216

2 files changed

Lines changed: 60 additions & 181 deletions

File tree

package-lock.json

Lines changed: 56 additions & 181 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,10 @@
7070
"typescript": "^5.0.0",
7171
"typescript-eslint": "^8.0.0"
7272
},
73+
"overrides": {
74+
"test-exclude": "^7.0.1",
75+
"minimatch": ">=10.2.1"
76+
},
7377
"engines": {
7478
"node": ">=20.12.0"
7579
},

0 commit comments

Comments
 (0)