From ca3b03dfc9b6866187213730c864d710cf5bf1a7 Mon Sep 17 00:00:00 2001 From: kite Date: Tue, 23 Jun 2026 16:30:19 +0800 Subject: [PATCH] fix(vscode): upgrade minimatch to 9.0.9 to resolve CVE-2026-27903 ReDoS vulnerability --- extensions/vscode/yarn.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/extensions/vscode/yarn.lock b/extensions/vscode/yarn.lock index 990cf64..6e2fa0f 100644 --- a/extensions/vscode/yarn.lock +++ b/extensions/vscode/yarn.lock @@ -1069,7 +1069,7 @@ debug "^4.3.4" globby "^11.1.0" is-glob "^4.0.3" - minimatch "9.0.3" + minimatch "9.0.9" semver "^7.5.4" ts-api-utils "^1.0.1" @@ -3595,10 +3595,10 @@ mimic-response@^3.1.0: resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9" integrity sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ== -minimatch@9.0.3: - version "9.0.3" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.3.tgz#a6e00c3de44c3a542bfaae70abfc22420a6da825" - integrity sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg== +minimatch@9.0.9: + version "9.0.9" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.9.tgz#9b0cb9fcb78087f6fd7eababe2511c4d3d60574e" + integrity sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg== dependencies: brace-expansion "^2.0.1"