mporwoll/frontend.blogwoman.de
1
0
Fork 0
mirror of https://github.com/complexcaresolutions/frontend.blogwoman.de.git synced 2026-03-17 15:04:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(security): add minimatch >=10.2.1 override (CVE-2026-26996)

Browse source 
Resolves ReDoS vulnerability in minimatch via eslint dependency chain.
This commit is contained in:
CCS Admin 2026-02-22 10:52:00 +00:00
parent 7efab2b32b
commit 3812592cdb
2 changed files with 20 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
package.json
View file

@ -26,5 +26,10 @@
"tailwindcss": "^4.2.0", "tailwindcss": "^4.2.0",
"typescript": "^5.9.3" "typescript": "^5.9.3"
}, },
"packageManager": "pnpm@10.26.0" "packageManager": "pnpm@10.26.0",
"pnpm": {
"overrides": {
"minimatch": ">=10.2.1"
}
}
} }

50
pnpm-lock.yaml
View file

@ -4,6 +4,9 @@ settings:
autoInstallPeers: true autoInstallPeers: true
excludeLinksFromLockfile: false excludeLinksFromLockfile: false
overrides:
minimatch: '>=10.2.1'
importers: importers:
.: .:
@ -769,9 +772,6 @@ packages:
resolution: {integrity: sha512-qIj0G9wZbMGNLjLmg1PT6v2mE9AH2zlnADJD/2tC6E00hgmhUOfEB6greHPAfLRSufHqROIUTkw6E+M3lH0PTQ==} resolution: {integrity: sha512-qIj0G9wZbMGNLjLmg1PT6v2mE9AH2zlnADJD/2tC6E00hgmhUOfEB6greHPAfLRSufHqROIUTkw6E+M3lH0PTQ==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
balanced-match@1.0.2:
resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==}
balanced-match@4.0.3: balanced-match@4.0.3:
resolution: {integrity: sha512-1pHv8LX9CpKut1Zp4EXey7Z8OfH11ONNH6Dhi2WDUt31VVZFXZzKwXcysBgqSumFCmR+0dqjMK5v5JiFHzi0+g==} resolution: {integrity: sha512-1pHv8LX9CpKut1Zp4EXey7Z8OfH11ONNH6Dhi2WDUt31VVZFXZzKwXcysBgqSumFCmR+0dqjMK5v5JiFHzi0+g==}
engines: {node: 20 || >=22} engines: {node: 20 || >=22}
@ -781,9 +781,6 @@ packages:
engines: {node: '>=6.0.0'} engines: {node: '>=6.0.0'}
hasBin: true hasBin: true
brace-expansion@1.1.12:
resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==}
brace-expansion@5.0.2: brace-expansion@5.0.2:
resolution: {integrity: sha512-Pdk8c9poy+YhOgVWw1JNN22/HcivgKWwpxKq04M/jTmHyCZn12WPJebZxdjSa5TmBqISrUSgNYU3eRORljfCCw==} resolution: {integrity: sha512-Pdk8c9poy+YhOgVWw1JNN22/HcivgKWwpxKq04M/jTmHyCZn12WPJebZxdjSa5TmBqISrUSgNYU3eRORljfCCw==}
engines: {node: 20 || >=22} engines: {node: 20 || >=22}
@ -834,9 +831,6 @@ packages:
color-name@1.1.4: color-name@1.1.4:
resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==}
concat-map@0.0.1:
resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==}
convert-source-map@2.0.0: convert-source-map@2.0.0:
resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==} resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==}
@ -1497,12 +1491,9 @@ packages:
resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==}
engines: {node: '>=8.6'} engines: {node: '>=8.6'}
minimatch@3.1.3: minimatch@10.2.2:
resolution: {integrity: sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==} resolution: {integrity: sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==}
engines: {node: 18 || 20 || >=22}
minimatch@9.0.6:
resolution: {integrity: sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==}
engines: {node: '>=16 || 14 >=14.17'}
minimist@1.2.8: minimist@1.2.8:
resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==}
@ -2079,7 +2070,7 @@ snapshots:
dependencies: dependencies:
'@eslint/object-schema': 2.1.7 '@eslint/object-schema': 2.1.7
debug: 4.4.3 debug: 4.4.3
minimatch: 3.1.3 minimatch: 10.2.2
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
@ -2100,7 +2091,7 @@ snapshots:
ignore: 5.3.2 ignore: 5.3.2
import-fresh: 3.3.1 import-fresh: 3.3.1
js-yaml: 4.1.1 js-yaml: 4.1.1
minimatch: 3.1.3 minimatch: 10.2.2
strip-json-comments: 3.1.1 strip-json-comments: 3.1.1
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
@ -2457,7 +2448,7 @@ snapshots:
'@typescript-eslint/types': 8.56.0 '@typescript-eslint/types': 8.56.0
'@typescript-eslint/visitor-keys': 8.56.0 '@typescript-eslint/visitor-keys': 8.56.0
debug: 4.4.3 debug: 4.4.3
minimatch: 9.0.6 minimatch: 10.2.2
semver: 7.7.4 semver: 7.7.4
tinyglobby: 0.2.15 tinyglobby: 0.2.15
ts-api-utils: 2.4.0(typescript@5.9.3) ts-api-utils: 2.4.0(typescript@5.9.3)
@ -2640,17 +2631,10 @@ snapshots:
axobject-query@4.1.0: {} axobject-query@4.1.0: {}
balanced-match@1.0.2: {}
balanced-match@4.0.3: {} balanced-match@4.0.3: {}
baseline-browser-mapping@2.10.0: {} baseline-browser-mapping@2.10.0: {}
brace-expansion@1.1.12:
dependencies:
balanced-match: 1.0.2
concat-map: 0.0.1
brace-expansion@5.0.2: brace-expansion@5.0.2:
dependencies: dependencies:
balanced-match: 4.0.3 balanced-match: 4.0.3
@ -2703,8 +2687,6 @@ snapshots:
color-name@1.1.4: {} color-name@1.1.4: {}
concat-map@0.0.1: {}
convert-source-map@2.0.0: {} convert-source-map@2.0.0: {}
cross-spawn@7.0.6: cross-spawn@7.0.6:
@ -2952,7 +2934,7 @@ snapshots:
hasown: 2.0.2 hasown: 2.0.2
is-core-module: 2.16.1 is-core-module: 2.16.1
is-glob: 4.0.3 is-glob: 4.0.3
minimatch: 3.1.3 minimatch: 10.2.2
object.fromentries: 2.0.8 object.fromentries: 2.0.8
object.groupby: 1.0.3 object.groupby: 1.0.3
object.values: 1.2.1 object.values: 1.2.1
@ -2980,7 +2962,7 @@ snapshots:
hasown: 2.0.2 hasown: 2.0.2
jsx-ast-utils: 3.3.5 jsx-ast-utils: 3.3.5
language-tags: 1.0.9 language-tags: 1.0.9
minimatch: 3.1.3 minimatch: 10.2.2
object.fromentries: 2.0.8 object.fromentries: 2.0.8
safe-regex-test: 1.1.0 safe-regex-test: 1.1.0
string.prototype.includes: 2.0.1 string.prototype.includes: 2.0.1
@ -3008,7 +2990,7 @@ snapshots:
estraverse: 5.3.0 estraverse: 5.3.0
hasown: 2.0.2 hasown: 2.0.2
jsx-ast-utils: 3.3.5 jsx-ast-utils: 3.3.5
minimatch: 3.1.3 minimatch: 10.2.2
object.entries: 1.1.9 object.entries: 1.1.9
object.fromentries: 2.0.8 object.fromentries: 2.0.8
object.values: 1.2.1 object.values: 1.2.1
@ -3062,7 +3044,7 @@ snapshots:
is-glob: 4.0.3 is-glob: 4.0.3
json-stable-stringify-without-jsonify: 1.0.1 json-stable-stringify-without-jsonify: 1.0.1
lodash.merge: 4.6.2 lodash.merge: 4.6.2
minimatch: 3.1.3 minimatch: 10.2.2
natural-compare: 1.4.0 natural-compare: 1.4.0
optionator: 0.9.4 optionator: 0.9.4
optionalDependencies: optionalDependencies:
@ -3490,11 +3472,7 @@ snapshots:
braces: 3.0.3 braces: 3.0.3
picomatch: 2.3.1 picomatch: 2.3.1
minimatch@3.1.3: minimatch@10.2.2:
dependencies:
brace-expansion: 1.1.12
minimatch@9.0.6:
dependencies: dependencies:
brace-expansion: 5.0.2 brace-expansion: 5.0.2