Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

chore(deps): fix vulnerability inefficient regular expression complexity #15082

Merged
merged 2 commits into from
May 29, 2024
Merged

chore(deps): fix vulnerability inefficient regular expression complexity #15082

merged 2 commits into from
May 29, 2024

Conversation

mouadhbb
Copy link
Contributor

should fix the vulnerability "Inefficient regular expression complexity" in micromatch dep
https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728

@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented May 22, 2024
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

@netlify Netlify
Copy link

netlify bot commented May 22, 2024
edited
Loading

Deploy Preview for jestjs ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 524d9c3
🔍 Latest deploy log https://app.netlify.com/sites/jestjs/deploys/6656daff7facf30008685903
😎 Deploy Preview https://deploy-preview-15082--jestjs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch 5 times, most recently from a2a22c8 to 8bf314b Compare May 22, 2024 14:34
SimenB
SimenB requested changes May 29, 2024
View reviewed changes
@mouadhbb mouadhbb requested a review from SimenB May 29, 2024 07:33
@mouadhbb mouadhbb force-pushed the chore/vulnerability-inefficient-regular-expression-complexity branch from 070189b to 524d9c3 Compare May 29, 2024 07:36
SimenB
SimenB approved these changes May 29, 2024
View reviewed changes
Copy link
Member

@SimenB SimenB left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@SimenB SimenB merged commit af3b1be into jestjs:main May 29, 2024
81 of 84 checks passed
@SimenB
Copy link
Member

SimenB commented May 30, 2024

https://github.com/jestjs/jest/releases/tag/v30.0.0-alpha.5

@istellino-chub
Copy link

istellino-chub commented Jun 13, 2024
edited
Loading

@SimenB why jest is releasing this kind of vulnerability fix on an alpha version instead of publishing a new 29.7.1 version for example?

@SimenB
Copy link
Member

SimenB commented Jun 13, 2024

The update is in semver range, so any consumer is not blocked. This just gives it a boost

@github-actions GitHub Actions
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 14, 2024
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@SimenB SimenB SimenB approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mouadhbb @SimenB @istellino-chub