Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): fix vulnerability inefficient regular expression complexity #15082

Merged
merged 2 commits into from
May 29, 2024
Merged

chore(deps): fix vulnerability inefficient regular expression complexity #15082

merged 2 commits into from
May 29, 2024
+38 −37

Conversation

mouadhbb
Copy link
Contributor

should fix the vulnerability "Inefficient regular expression complexity" in micromatch dep
https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728

@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented May 22, 2024
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

@netlify Netlify
Copy link

netlify bot commented May 22, 2024
edited
Loading

Deploy Preview for jestjs ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 524d9c3
🔍 Latest deploy log https://app.netlify.com/sites/jestjs/deploys/6656daff7facf30008685903
😎 Deploy Preview https://deploy-preview-15082--jestjs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch 5 times, most recently from a2a22c8 to 8bf314b Compare May 22, 2024 14:34
SimenB
SimenB requested changes May 29, 2024
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
@mouadhbb mouadhbb requested a review from SimenB May 29, 2024 07:33
@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch from 070189b to 524d9c3 Compare May 29, 2024 07:36
SimenB
SimenB approved these changes May 29, 2024
View reviewed changes
Copy link
Member

@SimenB SimenB left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@SimenB SimenB merged commit af3b1be into jestjs:main May 29, 2024
81 of 84 checks passed
@SimenB
Copy link
Member

SimenB commented May 30, 2024

https://github.com/jestjs/jest/releases/tag/v30.0.0-alpha.5

@istellino-chub
Copy link

istellino-chub commented Jun 13, 2024
edited
Loading

@SimenB why jest is releasing this kind of vulnerability fix on an alpha version instead of publishing a new 29.7.1 version for example?

@SimenB
Copy link
Member

SimenB commented Jun 13, 2024

The update is in semver range, so any consumer is not blocked. This just gives it a boost

@github-actions GitHub Actions
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@SimenB SimenB SimenB approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mouadhbb @SimenB @istellino-chub