Skip to content

Update brace-expansion in package lock#697

Open
katsugtgz wants to merge 1 commit into
wasp-lang:mainfrom
katsugtgz:fix/brace-expansion-ghsa-jxxr
Open

Update brace-expansion in package lock#697
katsugtgz wants to merge 1 commit into
wasp-lang:mainfrom
katsugtgz:fix/brace-expansion-ghsa-jxxr

Conversation

@katsugtgz

@katsugtgz katsugtgz commented Jun 25, 2026

Copy link
Copy Markdown

Updates brace-expansion in package-lock.json to clear GHSA-jxxr-4gwj-5jf2.

Validation

  • Before: osv-scanner reported GHSA-jxxr-4gwj-5jf2 for brace-expansion 5.0.5
  • After: osv-scanner no longer reports GHSA-jxxr-4gwj-5jf2 for brace-expansion

Remaining osv-scanner findings (unrelated to brace-expansion)

  • GHSA-4x5r-pxfx-6jf8@babel/core 7.29.0
  • GHSA-h67p-54hq-rp68js-yaml 4.1.1

@katsugtgz

Copy link
Copy Markdown
Author

The failing test check is a known flake: localhost resolves to ::1 on the runner while the backend binds IPv4, so the e2e readiness check times out (connect ECONNREFUSED ::1:3001). Same error hits main — run 28524177274 (fail), 28529757174 (pass). Unrelated to this lockfile change. Fix proposed in #701.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants