cs_betty/cartsnitch-fork-test
1
0
Fork 0
forked from cartsnitch/cartsnitch
Code Pull Requests Activity

fix(deps): resolve npm audit vulnerabilities (brace-expansion, lodash) (#108)

Browse Source 
- Override brace-expansion to >=1.1.13 to resolve GHSA-f886-m6hf-6m8v
- Override lodash to >=4.17.24 to resolve GHSA-r5fr-rjxr-66jc and GHSA-f23m-r3pf-42rh
- Override minimatch to ^10.2.4 to maintain compatibility with brace-expansion@5.x

Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: CartSnitch Engineer Bot <cartnoreply@cartsnitch.com>
This commit is contained in:
cartsnitch-cto[bot]
2026-04-03 13:23:20 +00:00
committed by GitHub
parent c8de30ec6e
commit 94f99595fc
2 changed files with 552 additions and 651 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package-lock.json
Generated
+548 -650
View File
File diff suppressed because it is too large Load Diff
package.json
+4 -1
View File
@@ -50,6 +50,9 @@
"overrides": { "overrides": {
"@rollup/pluginutils": "5.3.0", "@rollup/pluginutils": "5.3.0",
"flatted": "^3.4.2", "flatted": "^3.4.2",
"serialize-javascript": "7.0.5" "serialize-javascript": "7.0.5",
"brace-expansion": ">=1.1.13",
"lodash": ">=4.17.24",
"minimatch": "^10.2.4"
} }
} }