Skip to content

FOLIO-4479: Bump brace-expansion 1.1.11 -> 1.1.13 fix CVE-2026-33750#3583

Open
julianladisch wants to merge 3 commits into
R1-2025from
FOLIO-4479
Open

FOLIO-4479: Bump brace-expansion 1.1.11 -> 1.1.13 fix CVE-2026-33750#3583
julianladisch wants to merge 3 commits into
R1-2025from
FOLIO-4479

Conversation

@julianladisch

Copy link
Copy Markdown
Contributor

https://folio-org.atlassian.net/browse/FOLIO-4479

In the Sunflower branch R1-2025 upgrade brace-expansion from 1.1.11 -> 1.1.13.

This fixes infinite loop security vulnerability CVE-2026-33750: GHSA-f886-m6hf-6m8v

https://folio-org.atlassian.net/browse/FOLIO-4479

In the Sunflower branch R1-2025 upgrade brace-expansion from 1.1.11 -> 1.1.13.

This fixes infinite loop security vulnerability CVE-2026-33750: GHSA-f886-m6hf-6m8v
zburke added a commit that referenced this pull request Jul 8, 2026
https://folio-org.atlassian.net/browse/FOLIO-4479

In the Sunflower branch R1-2025 upgrade brace-expansion from 1.1.11 -> 1.1.13.

This fixes infinite loop security vulnerability CVE-2026-33750: GHSA-f886-m6hf-6m8v

Replaces PR #3583 which contains many additional but unrelated changes.
@zburke

zburke commented Jul 8, 2026

Copy link
Copy Markdown
Member

Replaced by PR #3607 Please ignore my thrashing. I got lost among similarly-named branches.

@zburke zburke closed this Jul 8, 2026
@zburke zburke reopened this Jul 8, 2026

@JohnC-80 JohnC-80 left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@julianladisch Are changes to install.json and okapi-install.json an intentional part of this PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants