Skip to content

Commit 67edeea

Browse files
dependabot[bot]fisker
dependabot[bot]
and
fisker
authored
Build(deps): Bump minimist from 1.2.5 to 1.2.6 (#12513)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: fisker Cheung <lionkay@gmail.com>
1 parent 6664253 commit 67edeea

3 files changed

Lines changed: 8 additions & 5 deletions

File tree

changelog_unreleased/cli/12513.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#### Fix minimist security issue (#12513 by @dependabot)
2+
3+
Details: [Prototype Pollution](https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764)

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@
6565
"mem": "9.0.2",
6666
"meriyah": "4.2.0",
6767
"micromatch": "4.0.4",
68-
"minimist": "1.2.5",
68+
"minimist": "1.2.6",
6969
"n-readlines": "1.0.1",
7070
"outdent": "0.8.0",
7171
"parse-srcset": "ikatyang/parse-srcset#54eb9c1cb21db5c62b4d0e275d7249516df6f0ee",

yarn.lock

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4877,10 +4877,10 @@ minimatch@^3.0.4, minimatch@^3.1.2:
48774877
dependencies:
48784878
brace-expansion "^1.1.7"
48794879

4880-
minimist@1.2.5, minimist@^1.2.0:
4881-
version "1.2.5"
4882-
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602"
4883-
integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==
4880+
minimist@1.2.6, minimist@^1.2.0:
4881+
version "1.2.6"
4882+
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44"
4883+
integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==
48844884

48854885
mkdirp@1.0.4:
48864886
version "1.0.4"

0 commit comments

Comments
 (0)