Skip to content
GitLab

[dist] Update dependency minimatch to 3.0.5 [SECURITY]

Open Administrator requested to merge renovate/npm-minimatch-vulnerability into master

Created by: renovate[bot]

Mend Renovate

This PR contains the following updates:

Package Change
minimatch 3.0.4 -> 3.0.5

GitHub Vulnerability Alerts

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Configuration

:date: Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.

:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

:no_bell: Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Approval is optional

Ready to merge by members who can write to the target branch.

  • 1 commit and 1 merge commit will be added to master.
  • Source branch will not be deleted.

Activity

Please register or sign in to reply