Commit 7a7baec

Fix security issue in brace-expansion via minor version upgrade from 1.1.11 to 1.1.12 (#150)

This PR will resolve the following CVEs:

| CVE ID | Severity | Description |
| --- | --- | --- |
| [CVE-2025-5889](https://app.aikido.dev/issues/11538126/detail?groupId=324#CVE-2025-5889) | LOW | A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Th... |

---------

Co-authored-by: aikido-autofix[bot] <119856028+aikido-autofix[bot]@users.noreply.github.com>
Co-authored-by: janb87 <12234016+janb87@users.noreply.github.com>
1 parent 9cc6abf commit 7a7baec

4 files changed

Lines changed: 34 additions & 13 deletions

File tree

dist/index.js

Lines changed: 1 addition & 1 deletion

dist/index.js.map

Lines changed: 1 addition & 1 deletion

package-lock.json

Lines changed: 3 additions & 4 deletions

package.json

Lines changed: 29 additions & 7 deletions
@@ -12,7 +12,14 @@
1212
"bugs": {
1313
"url": "https://github.com/settlemint/settlemint-action/issues"
1414
},
15-
"keywords": ["actions", "github-actions", "settlemint", "blockchain", "cli", "automation"],
15+
"keywords": [
16+
"actions",
17+
"github-actions",
18+
"settlemint",
19+
"blockchain",
20+
"cli",
21+
"automation"
22+
],
1623
"exports": {
1724
".": "./dist/index.js"
1825
},
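Review bot: The `keywords` change at lines 15-22 is whitespace only: the same six entries are re-wrapped one per line, which has nothing to do with the brace-expansion upgrade this commit is for. Suggest restoring the single-line form here, or moving the re-wrap to its own formatting commit, so the security fix stays a minimal, easy-to-audit diff.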
@@ -37,15 +44,29 @@
3744
"verbose": true,
3845
"clearMocks": true,
3946
"testEnvironment": "node",
40-
"moduleFileExtensions": ["js", "ts"],
41-
"testMatch": ["**/*.test.ts"],
42-
"testPathIgnorePatterns": ["/node_modules/", "/dist/"],
47+
"moduleFileExtensions": [
48+
"js",
49+
"ts"
50+
],
51+
"testMatch": [
52+
"**/*.test.ts"
53+
],
54+
"testPathIgnorePatterns": [
55+
"/node_modules/",
56+
"/dist/"
57+
],
4358
"transform": {
4459
"^.+\\.ts$": "ts-jest"
4560
},
46-
"coverageReporters": ["json-summary", "text", "lcov"],
61+
"coverageReporters": [
62+
"json-summary",
63+
"text",
64+
"lcov"
65+
],
4766
"collectCoverage": true,
48-
"collectCoverageFrom": ["./src/**"]
67+
"collectCoverageFrom": [
68+
"./src/**"
69+
]
4970
},
5071
"dependencies": {
5172
"@actions/cache": "^4.0.3",
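Review bot: The five Jest array settings in this hunk (`moduleFileExtensions`, `testMatch`, `testPathIgnorePatterns`, `coverageReporters`, `collectCoverageFrom`) keep their values and only change line wrapping, which accounts for most of the 29 additions reported for package.json. That pattern suggests the whole file was re-serialized by whatever tool wrote the override; confirm the result matches the project's formatter before merging, otherwise the next format run produces another noisy diff around a security-relevant file.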
@@ -70,6 +91,7 @@
7091
"ultracite": "^4.2.8"
7192
},
7293
"overrides": {
73-
"undici@<=6.21.2": "6.21.2"
94+
"undici@<=6.21.2": "6.21.2",
95+
"brace-expansion@<=1.1.12": "1.1.12"
7496
}
7597
}
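Review bot: The new override selector `brace-expansion@<=1.1.12` at line 95 only covers the 1.x line and below, while the commit message lists 2.0.1, 3.0.0 and 4.0.0 as affected too. If the lockfile carries a 2.x or later copy, it is untouched by this change; `npm ls brace-expansion` would confirm, and any such copy needs its own fixed release rather than being forced down to 1.1.12. A smaller point: the range includes the fixed version itself, so `<1.1.12` would state the intent more precisely.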
