Skip to content

Commit 9387270

Browse files
dev-jodeedev-jodee
authored
build(deps): pin patched transitive dependency versions (#406)
Remediate remaining lockfile-resolvable alerts by pinning patched transitives in sdks and updating Rust lockfile crates. Updated: flatted@^3 -> 3.4.2, minimatch@^3 -> 3.1.5, minimatch@^5 -> 5.1.8, minimatch@^9 -> 9.0.7, aws-lc-rs -> 1.16.2, aws-lc-sys -> 0.39.0, rustls-webpki@0.103.10. Remaining unpatchable alert: bigint-buffer (#31), advisory reports no patched version (first_patched_version: none / patched_versions: <0.0.0). Co-authored-by: Jo D <dev-jodee@users.noreply.github.com>
1 parent a16eccc commit 9387270

File tree

3 files changed

+34
-33
lines changed

3 files changed

+34
-33
lines changed

Cargo.lock

Lines changed: 8 additions & 8 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

sdks/package.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,11 @@
1616
"brace-expansion@^2": "2.0.3",
1717
"picomatch@^2": "2.3.2",
1818
"picomatch@^4": "4.0.4",
19-
"yaml@^2": "2.8.3"
19+
"yaml@^2": "2.8.3",
20+
"flatted@^3": "3.4.2",
21+
"minimatch@^3": "3.1.5",
22+
"minimatch@^5": "5.1.8",
23+
"minimatch@^9": "9.0.7"
2024
}
2125
}
2226
}

sdks/pnpm-lock.yaml

Lines changed: 21 additions & 24 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)