[Security] Bump glob-parent from 5.1.1 to 5.1.2
Bumps glob-parent from 5.1.1 to 5.1.2. This update includes security fixes.
Vulnerabilities fixed
Regular expression denial of service in glob-parent This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
Patched versions: 5.1.2 Affected versions: < 5.1.2
glob-parent before 6.0.1 and 5.1.2 vulnerable to Regular Expression Denial of Service (ReDoS) glob-parent before 6.0.1 and 5.1.2 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1 and 5.1.2.
Patched versions: 5.1.2 Affected versions: < 5.1.2
Changelog
Sourced from glob-parent's changelog.
5.1.2 (2021-03-06)
Bug Fixes
6.0.2 (2021-09-29)
Bug Fixes
6.0.1 (2021-07-20)
Bug Fixes
6.0.0 (2021-05-03)
⚠ BREAKING CHANGES
- Correct mishandled escaped path separators (#34)
- upgrade scaffold, dropping node <10 support
Bug Fixes
Miscellaneous Chores
- upgrade scaffold, dropping node <10 support (e83d0c5)
Commits
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot rebase
will rebase this MR -
$dependabot recreate
will recreate this MR rewriting all the manual changes and resolving conflicts