Skip to content

Commit f0a1908

Browse files
fern-supportfern-support
authored
Merge pull request #24 from fern-api/devin/1774880847-fix-brace-expansion-cve
chore(deps): upgrade brace-expansion to 5.0.5 to address CVE-2026-33750
2 parents da3d629 + c71a606 commit f0a1908

2 files changed

Lines changed: 7 additions & 5 deletions

File tree

dist/index.js

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40261,7 +40261,7 @@ const slashPattern = /\\\\/g;
4026140261
const openPattern = /\\{/g;
4026240262
const closePattern = /\\}/g;
4026340263
const commaPattern = /\\,/g;
40264-
const periodPattern = /\\./g;
40264+
const periodPattern = /\\\./g;
4026540265
exports.EXPANSION_MAX = 100_000;
4026640266
function numeric(str) {
4026740267
return !isNaN(str) ? parseInt(str, 10) : str.charCodeAt(0);
@@ -40388,7 +40388,9 @@ function expand_(str, max, isTop) {
4038840388
const x = numeric(n[0]);
4038940389
const y = numeric(n[1]);
4039040390
const width = Math.max(n[0].length, n[1].length);
40391-
let incr = n.length === 3 && n[2] !== undefined ? Math.abs(numeric(n[2])) : 1;
40391+
let incr = n.length === 3 && n[2] !== undefined ?
40392+
Math.max(Math.abs(numeric(n[2])), 1)
40393+
: 1;
4039240394
let test = lte;
4039340395
const reverse = y < x;
4039440396
if (reverse) {

package-lock.json

Lines changed: 3 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)