Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): fix vulnerability inefficient regular expression complexity #15082

Conversation

mouadhbb
Copy link
Contributor

should fix the vulnerability "Inefficient regular expression complexity" in micromatch dep
https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728

Copy link

linux-foundation-easycla bot commented May 22, 2024

CLA Signed

The committers listed above are authorized under a signed CLA.

Copy link

netlify bot commented May 22, 2024

Deploy Preview for jestjs ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 524d9c3
🔍 Latest deploy log https://app.netlify.com/sites/jestjs/deploys/6656daff7facf30008685903
😎 Deploy Preview https://deploy-preview-15082--jestjs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch 5 times, most recently from a2a22c8 to 8bf314b Compare May 22, 2024 14:34
CHANGELOG.md Outdated Show resolved Hide resolved
@mouadhbb mouadhbb requested a review from SimenB May 29, 2024 07:33
@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch from 070189b to 524d9c3 Compare May 29, 2024 07:36
Copy link
Member

@SimenB SimenB left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@SimenB SimenB merged commit af3b1be into jestjs:main May 29, 2024
81 of 84 checks passed
@SimenB
Copy link
Member

SimenB commented May 30, 2024

@istellino-chub
Copy link

istellino-chub commented Jun 13, 2024

@SimenB why jest is releasing this kind of vulnerability fix on an alpha version instead of publishing a new 29.7.1 version for example?

@SimenB
Copy link
Member

SimenB commented Jun 13, 2024

The update is in semver range, so any consumer is not blocked. This just gives it a boost

Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants