Skip to content

Commit 06daa8a

Browse files
balajacatherinmeta-codesync[bot]
balajacatherin
authored and
meta-codesync[bot]
committed
Fix CVE-2026-27903, CVE-2026-27904: Upgrade transitive dependency minimatch from 9.0.5 to 9.0.7
Summary: Fix CVE-2026-27903, CVE-2026-27904: Upgrade transitive dependency minimatch from 9.0.5 to 9.0.7 ## Summary Upgrading the transitive dependency `minimatch` from 9.0.5 to 9.0.7 to fix CVE-2026-27903, CVE-2026-27904. `yarn why minimatch` shows the following packages depend on it: - typescript-eslint/typescript-estree - typescript-eslint/parser (via typescript-estree) - eslint-plugin-jest (via typescript-eslint/utils/typescript-estree) Resolution was temporarily added, then removed. The version remains at 9.0.7 without the resolution. Reviewed By: vzaidman Differential Revision: D96166502 fbshipit-source-id: f1dcd8477ac9f0576b9fb2d6fda1498798ecef91
1 parent 78a72bc commit 06daa8a

1 file changed

Lines changed: 24 additions & 19 deletions

File tree

yarn.lock

Lines changed: 24 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -2055,24 +2055,29 @@ babel-preset-jest@^29.6.3:
20552055
babel-preset-current-node-syntax "^1.0.0"
20562056

20572057
balanced-match@^1.0.0:
2058-
version "1.0.0"
2059-
resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
2060-
integrity sha1-ibTRmasr7kneFk6gK4nORi1xt2c=
2058+
version "1.0.2"
2059+
resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee"
2060+
integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==
2061+
2062+
balanced-match@^4.0.2:
2063+
version "4.0.4"
2064+
resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-4.0.4.tgz#bfb10662feed8196a2c62e7c68e17720c274179a"
2065+
integrity sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==
20612066

20622067
brace-expansion@^1.1.7:
2063-
version "1.1.11"
2064-
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
2065-
integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
2068+
version "1.1.12"
2069+
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.12.tgz#ab9b454466e5a8cc3a187beaad580412a9c5b843"
2070+
integrity sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==
20662071
dependencies:
20672072
balanced-match "^1.0.0"
20682073
concat-map "0.0.1"
20692074

2070-
brace-expansion@^2.0.2:
2071-
version "2.0.2"
2072-
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.2.tgz#54fc53237a613d854c7bd37463aad17df87214e7"
2073-
integrity sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==
2075+
brace-expansion@^5.0.2:
2076+
version "5.0.4"
2077+
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-5.0.4.tgz#614daaecd0a688f660bbbc909a8748c3d80d4336"
2078+
integrity sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==
20742079
dependencies:
2075-
balanced-match "^1.0.0"
2080+
balanced-match "^4.0.2"
20762081

20772082
braces@^3.0.3:
20782083
version "3.0.3"
@@ -2250,7 +2255,7 @@ compare-versions@^3.4.0:
22502255
concat-map@0.0.1:
22512256
version "0.0.1"
22522257
resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
2253-
integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=
2258+
integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==
22542259

22552260
connect@^3.6.5:
22562261
version "3.7.0"
@@ -4466,18 +4471,18 @@ mimic-fn@^2.1.0:
44664471
integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==
44674472

44684473
minimatch@^3.0.3, minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.2:
4469-
version "3.1.4"
4470-
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.4.tgz#89d910ea3970a77ac8edfd30340ccd038b758079"
4471-
integrity sha512-twmL+S8+7yIsE9wsqgzU3E8/LumN3M3QELrBZ20OdmQ9jB2JvW5oZtBEmft84k/Gs5CG9mqtWc6Y9vW+JEzGxw==
4474+
version "3.1.5"
4475+
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.5.tgz#580c88f8d5445f2bd6aa8f3cadefa0de79fbd69e"
4476+
integrity sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==
44724477
dependencies:
44734478
brace-expansion "^1.1.7"
44744479

44754480
minimatch@^9.0.4:
4476-
version "9.0.9"
4477-
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.9.tgz#9b0cb9fcb78087f6fd7eababe2511c4d3d60574e"
4478-
integrity sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==
4481+
version "9.0.7"
4482+
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.7.tgz#d76c4d0b3b527877016d6cc1b9922fc8e0ffe7b0"
4483+
integrity sha512-MOwgjc8tfrpn5QQEvjijjmDVtMw2oL88ugTevzxQnzRLm6l3fVEF2gzU0kYeYYKD8C66+IdGX6peJ4MyUlUnPg==
44794484
dependencies:
4480-
brace-expansion "^2.0.2"
4485+
brace-expansion "^5.0.2"
44814486

44824487
minimist@^1.2.6:
44834488
version "1.2.7"

0 commit comments

Comments
 (0)