From fc65b0a62bb4f492ec94f054f237407c8222ed40 Mon Sep 17 00:00:00 2001 From: David Abutbul Date: Sun, 22 Feb 2026 13:30:26 +0200 Subject: [PATCH 1/2] fix(ci): resolve minimatch audit vulnerability --- package-lock.json | 123 +++++++++------------------------------------- package.json | 5 ++ 2 files changed, 27 insertions(+), 101 deletions(-) diff --git a/package-lock.json b/package-lock.json index 058ff85..9a3ba95 100644 --- a/package-lock.json +++ b/package-lock.json @@ -770,28 +770,6 @@ "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, - "node_modules/@eslint/config-array/node_modules/brace-expansion": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/@eslint/config-array/node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, "node_modules/@eslint/config-helpers": { "version": "0.4.2", "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.4.2.tgz", @@ -839,16 +817,6 @@ "url": "https://opencollective.com/eslint" } }, - "node_modules/@eslint/eslintrc/node_modules/brace-expansion": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, "node_modules/@eslint/eslintrc/node_modules/ignore": { "version": "5.3.2", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz", @@ -858,18 +826,6 @@ "node": ">= 4" } }, - "node_modules/@eslint/eslintrc/node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, "node_modules/@eslint/js": { "version": "9.28.0", "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.28.0.tgz", @@ -1846,9 +1802,14 @@ } }, "node_modules/balanced-match": { - "version": "1.0.2", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true + "version": "4.0.3", + "resolved": "https://codeload.github.com/juliangruber/balanced-match/tar.gz/refs/tags/v4.0.3", + "integrity": "sha512-Ty6TX2nEm7Qe+1bAJJNHxYHukWto6W1uL0a+e82uz5qSKZOdMIFL+twOvOR0v295OkQXBW5KsonrxpmCW37Bew==", + "dev": true, + "license": "MIT", + "engines": { + "node": "20 || >=22" + } }, "node_modules/baseline-browser-mapping": { "version": "2.9.19", @@ -1859,11 +1820,16 @@ } }, "node_modules/brace-expansion": { - "version": "2.0.2", - "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "version": "5.0.2", + "resolved": "https://codeload.github.com/juliangruber/brace-expansion/tar.gz/refs/tags/v5.0.2", + "integrity": "sha512-mbQ5Z6rRIOzVryzyl0W267KTUN57nFnsPAR7DAcKASUx/6QpfolTR0nAXr9k4XlZFZdqFKYfWSZeaca+jgyk/w==", "dev": true, + "license": "MIT", "dependencies": { - "balanced-match": "^1.0.0" + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "20 || >=22" } }, "node_modules/browserslist": { @@ -2052,11 +2018,6 @@ "url": "https://github.com/sponsors/wooorm" } }, - "node_modules/concat-map": { - "version": "0.0.1", - "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", - "dev": true - }, "node_modules/convert-source-map": { "version": "2.0.0", "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", @@ -2580,26 +2541,6 @@ "eslint": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 || ^9.0.0" } }, - "node_modules/eslint-plugin-react/node_modules/brace-expansion": { - "version": "1.1.12", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/eslint-plugin-react/node_modules/minimatch": { - "version": "3.1.2", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, "node_modules/eslint-plugin-react/node_modules/semver": { "version": "6.3.1", "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", @@ -2647,16 +2588,6 @@ "url": "https://eslint.org/donate" } }, - "node_modules/eslint/node_modules/brace-expansion": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, "node_modules/eslint/node_modules/eslint-visitor-keys": { "version": "4.2.1", "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz", @@ -2677,18 +2608,6 @@ "node": ">= 4" } }, - "node_modules/eslint/node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, "node_modules/espree": { "version": "10.4.0", "resolved": "https://registry.npmjs.org/espree/-/espree-10.4.0.tgz", @@ -4532,14 +4451,16 @@ ] }, "node_modules/minimatch": { - "version": "9.0.5", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", + "version": "10.2.1", + "resolved": "https://codeload.github.com/isaacs/minimatch/tar.gz/refs/tags/v10.2.1", + "integrity": "sha512-h+wuaVkjm4T/I0s4Ng99hUQsru6Pn9DhQBnlsQilel+HwnvHYpIzRiyP33CLPK0P0EJ/l4LRJMmyPjNl4gxBTw==", "dev": true, + "license": "BlueOak-1.0.0", "dependencies": { - "brace-expansion": "^2.0.1" + "brace-expansion": "^5.0.2" }, "engines": { - "node": ">=16 || 14 >=14.17" + "node": "20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" diff --git a/package.json b/package.json index 81c2000..91e732a 100644 --- a/package.json +++ b/package.json @@ -28,5 +28,10 @@ "eslint-plugin-react-hooks": "^7.0.1", "typescript": "~5.8.2", "vite": "^7.3.1" + }, + "overrides": { + "balanced-match": "https://codeload.github.com/juliangruber/balanced-match/tar.gz/refs/tags/v4.0.3", + "brace-expansion": "https://codeload.github.com/juliangruber/brace-expansion/tar.gz/refs/tags/v5.0.2", + "minimatch": "https://codeload.github.com/isaacs/minimatch/tar.gz/refs/tags/v10.2.1" } } From 6add832260c29108e94cbe755d6efd9fe78cc940 Mon Sep 17 00:00:00 2001 From: David Abutbul Date: Sun, 22 Feb 2026 13:58:46 +0200 Subject: [PATCH 2/2] fix(ci): normalize minimatch overrides to npmjs packages --- package-lock.json | 12 ++++++------ package.json | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9a3ba95..98b6c60 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1803,8 +1803,8 @@ }, "node_modules/balanced-match": { "version": "4.0.3", - "resolved": "https://codeload.github.com/juliangruber/balanced-match/tar.gz/refs/tags/v4.0.3", - "integrity": "sha512-Ty6TX2nEm7Qe+1bAJJNHxYHukWto6W1uL0a+e82uz5qSKZOdMIFL+twOvOR0v295OkQXBW5KsonrxpmCW37Bew==", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.3.tgz", + "integrity": "sha512-1pHv8LX9CpKut1Zp4EXey7Z8OfH11ONNH6Dhi2WDUt31VVZFXZzKwXcysBgqSumFCmR+0dqjMK5v5JiFHzi0+g==", "dev": true, "license": "MIT", "engines": { @@ -1821,8 +1821,8 @@ }, "node_modules/brace-expansion": { "version": "5.0.2", - "resolved": "https://codeload.github.com/juliangruber/brace-expansion/tar.gz/refs/tags/v5.0.2", - "integrity": "sha512-mbQ5Z6rRIOzVryzyl0W267KTUN57nFnsPAR7DAcKASUx/6QpfolTR0nAXr9k4XlZFZdqFKYfWSZeaca+jgyk/w==", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.2.tgz", + "integrity": "sha512-Pdk8c9poy+YhOgVWw1JNN22/HcivgKWwpxKq04M/jTmHyCZn12WPJebZxdjSa5TmBqISrUSgNYU3eRORljfCCw==", "dev": true, "license": "MIT", "dependencies": { @@ -4452,8 +4452,8 @@ }, "node_modules/minimatch": { "version": "10.2.1", - "resolved": "https://codeload.github.com/isaacs/minimatch/tar.gz/refs/tags/v10.2.1", - "integrity": "sha512-h+wuaVkjm4T/I0s4Ng99hUQsru6Pn9DhQBnlsQilel+HwnvHYpIzRiyP33CLPK0P0EJ/l4LRJMmyPjNl4gxBTw==", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.1.tgz", + "integrity": "sha512-MClCe8IL5nRRmawL6ib/eT4oLyeKMGCghibcDWK+J0hh0Q8kqSdia6BvbRMVk6mPa6WqUa5uR2oxt6C5jd533A==", "dev": true, "license": "BlueOak-1.0.0", "dependencies": { diff --git a/package.json b/package.json index 91e732a..e2d0300 100644 --- a/package.json +++ b/package.json @@ -30,8 +30,8 @@ "vite": "^7.3.1" }, "overrides": { - "balanced-match": "https://codeload.github.com/juliangruber/balanced-match/tar.gz/refs/tags/v4.0.3", - "brace-expansion": "https://codeload.github.com/juliangruber/brace-expansion/tar.gz/refs/tags/v5.0.2", - "minimatch": "https://codeload.github.com/isaacs/minimatch/tar.gz/refs/tags/v10.2.1" + "balanced-match": "4.0.3", + "brace-expansion": "5.0.2", + "minimatch": "10.2.1" } }