Skip to content

fix: Addressed brace-expansion dependency security alert #158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 14, 2025
Merged

fix: Addressed brace-expansion dependency security alert #158

merged 2 commits into from
Jul 14, 2025

Conversation

@jkalandaibm
Copy link
Collaborator

@jkalandaibm jkalandaibm commented Jul 14, 2025
edited
Loading

dependency: none

PR summary

The Issue is addressing the following vulnerability

image

https://github.com/IBM/networking-java-sdk/security/dependabot/24

Fixes: package brace-expansion was identified to have a vulnerability. A new patched version was released addressing the very vulnerability, consequently I'm updating the version 2.0.2

PR Checklist

Please make sure that your PR fulfills the following requirements:

  • The commit message follows the Angular Commit Message Guidelines.
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features)

PR Type

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • New tests
  • Build/CI related changes
  • Documentation content changes
  • Other (please describe)

What is the current behavior?

Behavior wasn't altered

What is the new behavior?

Behavior wasn't altered

Does this PR introduce a breaking change?

  • Yes
  • No

Other information

@jkalandaibm jkalandaibm merged commit 4c79ef3 into master Jul 14, 2025
7 checks passed
@jkalandaibm jkalandaibm deleted the vuln-fix branch July 14, 2025 19:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kennburger kennburger kennburger approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jkalandaibm @kennburger