Skip to content

Please update to latest micromatch version #3268

New issue
New issue
Closed
Closed
Please update to latest micromatch version#3268
karronoli/redpen
#10
 (+1)
@mboughaba

Description

@mboughaba
mboughaba
opened on Feb 16, 2019

=== npm audit security report ===

                             Manual Review                                  

         Some vulnerabilities require your attention to resolve             

                                                                            

      Visit https://go.npm.me/audit-guide for additional guidance

Low Regular Expression Denial of Service

Package braces

Patched in >=2.3.1

Dependency of karma [dev]

Path karma > expand-braces > braces

More info https://nodesecurity.io/advisories/786

Activity

johnjbarton

johnjbarton commented on Feb 16, 2019

@johnjbarton
johnjbarton
on Feb 16, 2019
Contributor

Please send a pull request if this is important to you.
http://karma-runner.github.io/3.0/dev/contributing.html

SteinRobert
added a commit that references this issue on Feb 18, 2019

fix: remove vulnerable dependency expand-braces

563f4a9
SteinRobert
mentioned this on Feb 18, 2019
johnjbarton
closed this as completedin #3270on Feb 19, 2019
johnjbarton
added a commit that references this issue on Feb 19, 2019

fix: remove vulnerable dependency expand-braces (#3270)

4ec4f6f
mboughaba

mboughaba commented on Feb 19, 2019

@mboughaba
mboughaba
on Feb 19, 2019
Author

Thanks @SteinRobert, @johnjbarton

When do you think this fix can released in 4.x?

Cheers. Mo

hypery2k

hypery2k commented on Feb 21, 2019

@hypery2k
hypery2k
on Feb 21, 2019

any plan to release 4.0.1 soon?

karronoli
mentioned this on Aug 16, 2022
Omrisnyk
mentioned this on Oct 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      Participants

      @johnjbarton@hypery2k@mboughaba

      Issue actions
        Please update to latest micromatch version · Issue #3268 · karma-runner/karma