fix(deps): update picomatch to fix ReDoS and method injection vulnerabilities

Updates picomatch to 2.3.2 and 4.0.4 in the frontend workspace to
address CVE for ReDoS via extglob quantifiers and method injection
in POSIX character classes.
This commit is contained in:
kolaente 2026-03-25 23:31:28 +01:00
parent 6bc1635a9f
commit d60e2f6685
No known key found for this signature in database
GPG Key ID: F40E70337AB24C9B
1 changed files with 22 additions and 22 deletions

View File

@ -5147,12 +5147,12 @@ packages:
picocolors@1.1.1:
resolution: {integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==}
picomatch@2.3.1:
resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==}
picomatch@2.3.2:
resolution: {integrity: sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==}
engines: {node: '>=8.6'}
picomatch@4.0.3:
resolution: {integrity: sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==}
picomatch@4.0.4:
resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
engines: {node: '>=12'}
pinia@3.0.4:
@ -8702,14 +8702,14 @@ snapshots:
dependencies:
'@types/estree': 0.0.39
estree-walker: 1.0.1
picomatch: 2.3.1
picomatch: 2.3.2
rollup: 4.60.0
'@rollup/pluginutils@5.1.3(rollup@4.60.0)':
dependencies:
'@types/estree': 1.0.8
estree-walker: 2.0.2
picomatch: 4.0.3
picomatch: 4.0.4
optionalDependencies:
rollup: 4.60.0
@ -9696,7 +9696,7 @@ snapshots:
alien-signals: 3.0.0
muggle-string: 0.4.1
path-browserify: 1.0.1
picomatch: 4.0.3
picomatch: 4.0.4
'@vue/reactivity@3.5.27':
dependencies:
@ -9814,7 +9814,7 @@ snapshots:
anymatch@3.1.3:
dependencies:
normalize-path: 3.0.0
picomatch: 2.3.1
picomatch: 2.3.2
argparse@1.0.10:
dependencies:
@ -10771,9 +10771,9 @@ snapshots:
dependencies:
pend: 1.2.0
fdir@6.5.0(picomatch@4.0.3):
fdir@6.5.0(picomatch@4.0.4):
optionalDependencies:
picomatch: 4.0.3
picomatch: 4.0.4
figures@3.2.0:
dependencies:
@ -11735,7 +11735,7 @@ snapshots:
micromatch@4.0.8:
dependencies:
braces: 3.0.3
picomatch: 2.3.1
picomatch: 2.3.2
mime-db@1.52.0: {}
@ -11983,9 +11983,9 @@ snapshots:
picocolors@1.1.1: {}
picomatch@2.3.1: {}
picomatch@2.3.2: {}
picomatch@4.0.3: {}
picomatch@4.0.4: {}
pinia@3.0.4(typescript@5.9.3)(vue@3.5.27(typescript@5.9.3)):
dependencies:
@ -12488,7 +12488,7 @@ snapshots:
readdirp@3.6.0:
dependencies:
picomatch: 2.3.1
picomatch: 2.3.2
readdirp@4.1.2: {}
@ -12575,7 +12575,7 @@ snapshots:
rollup-plugin-visualizer@6.0.11(rollup@4.60.0):
dependencies:
open: 8.4.2
picomatch: 4.0.3
picomatch: 4.0.4
source-map: 0.7.4
yargs: 17.7.2
optionalDependencies:
@ -13239,8 +13239,8 @@ snapshots:
tinyglobby@0.2.15:
dependencies:
fdir: 6.5.0(picomatch@4.0.3)
picomatch: 4.0.3
fdir: 6.5.0(picomatch@4.0.4)
picomatch: 4.0.4
tinyrainbow@3.0.3: {}
@ -13436,7 +13436,7 @@ snapshots:
unplugin-utils@0.3.0:
dependencies:
pathe: 2.0.3
picomatch: 4.0.3
picomatch: 4.0.4
unplugin@1.0.1:
dependencies:
@ -13456,7 +13456,7 @@ snapshots:
dependencies:
'@jridgewell/remapping': 2.3.5
acorn: 8.15.0
picomatch: 4.0.3
picomatch: 4.0.4
webpack-virtual-modules: 0.6.2
upath@1.2.0: {}
@ -13602,8 +13602,8 @@ snapshots:
vite@7.3.1(@types/node@24.12.0)(jiti@2.4.2)(lightningcss@1.32.0)(sass-embedded@1.98.0)(sass@1.98.0)(terser@5.31.6)(yaml@2.5.0):
dependencies:
esbuild: 0.27.4
fdir: 6.5.0(picomatch@4.0.3)
picomatch: 4.0.3
fdir: 6.5.0(picomatch@4.0.4)
picomatch: 4.0.4
postcss: 8.5.8
rollup: 4.60.0
tinyglobby: 0.2.15
@ -13631,7 +13631,7 @@ snapshots:
magic-string: 0.30.21
obug: 2.1.1
pathe: 2.0.3
picomatch: 4.0.3
picomatch: 4.0.4
std-env: 4.0.0
tinybench: 2.9.0
tinyexec: 1.0.2