diff --git a/package.json b/package.json index e0d63b928dd9..46fc646a3f20 100644 --- a/package.json +++ b/package.json @@ -63,6 +63,7 @@ "pnpm": { "overrides": { "@devexpress/callsite-record@^4.1.6": "4.1.7", + "@isaacs/brace-expansion@<=5.0.0": "^5.0.1", "form-data@<2.5.4": "2.5.5", "form-data@>=4.0.0 <4.0.4": "^4.0.5", "pbkdf2@<=3.1.2": "^3.1.3", diff --git a/packages/sbom/package.json b/packages/sbom/package.json index 0c13eb695462..d7b093a5da5d 100644 --- a/packages/sbom/package.json +++ b/packages/sbom/package.json @@ -8,6 +8,7 @@ "packageManager": "pnpm@9.15.9", "pnpm": { "overrides": { + "@isaacs/brace-expansion@<=5.0.0": "^5.0.1", "body-parser@>=2.2.0 <2.2.1": ">=2.2.1", "jws@=4.0.0": ">=4.0.1", "qs": ">=6.14.1" diff --git a/packages/sbom/pnpm-lock.yaml b/packages/sbom/pnpm-lock.yaml index 1511e15e81d4..7063635389ce 100644 --- a/packages/sbom/pnpm-lock.yaml +++ b/packages/sbom/pnpm-lock.yaml @@ -5,6 +5,7 @@ settings: excludeLinksFromLockfile: false overrides: + '@isaacs/brace-expansion@<=5.0.0': ^5.0.1 body-parser@>=2.2.0 <2.2.1: '>=2.2.1' jws@=4.0.0: '>=4.0.1' qs: '>=6.14.1' @@ -153,8 +154,8 @@ packages: resolution: {integrity: sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==} engines: {node: 20 || >=22} - '@isaacs/brace-expansion@5.0.0': - resolution: {integrity: sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==} + '@isaacs/brace-expansion@5.0.1': + resolution: {integrity: sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ==} engines: {node: 20 || >=22} '@isaacs/cliui@8.0.2': @@ -633,6 +634,7 @@ packages: glob@10.5.0: resolution: {integrity: sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==} + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me hasBin: true glob@13.0.0: @@ -1687,7 +1689,7 @@ snapshots: '@isaacs/balanced-match@4.0.1': {} - '@isaacs/brace-expansion@5.0.0': + '@isaacs/brace-expansion@5.0.1': dependencies: '@isaacs/balanced-match': 4.0.1 @@ -2490,7 +2492,7 @@ snapshots: minimatch@10.1.1: dependencies: - '@isaacs/brace-expansion': 5.0.0 + '@isaacs/brace-expansion': 5.0.1 minimatch@9.0.5: dependencies: diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 24534b01267d..2bb6ea8e7ed2 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -162,6 +162,7 @@ catalogs: overrides: '@devexpress/callsite-record@^4.1.6': 4.1.7 + '@isaacs/brace-expansion@<=5.0.0': ^5.0.1 form-data@<2.5.4: 2.5.5 form-data@>=4.0.0 <4.0.4: ^4.0.5 pbkdf2@<=3.1.2: ^3.1.3 @@ -4879,8 +4880,8 @@ packages: resolution: {integrity: sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==} engines: {node: 20 || >=22} - '@isaacs/brace-expansion@5.0.0': - resolution: {integrity: sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==} + '@isaacs/brace-expansion@5.0.1': + resolution: {integrity: sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ==} engines: {node: 20 || >=22} '@isaacs/cliui@8.0.2': @@ -23200,7 +23201,7 @@ snapshots: '@isaacs/balanced-match@4.0.1': {} - '@isaacs/brace-expansion@5.0.0': + '@isaacs/brace-expansion@5.0.1': dependencies: '@isaacs/balanced-match': 4.0.1 @@ -36057,7 +36058,7 @@ snapshots: minimatch@10.1.1: dependencies: - '@isaacs/brace-expansion': 5.0.0 + '@isaacs/brace-expansion': 5.0.1 minimatch@3.1.2: dependencies: