fix: resolve critical security vulnerability in @isaacs/brace-expansion
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
- Added pnpm override to force @isaacs/brace-expansion >= 5.0.1 - Fixes CVE for Uncontrolled Resource Consumption in brace-expansion <=5.0.0 - Transitive dependency from @nestjs/cli > glob > minimatch - Resolves security-audit failure blocking CI pipeline Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -53,5 +53,10 @@
|
||||
},
|
||||
"dependencies": {
|
||||
"@opentelemetry/resources": "^1.30.1"
|
||||
},
|
||||
"pnpm": {
|
||||
"overrides": {
|
||||
"@isaacs/brace-expansion": ">=5.0.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user