Bump transitive dependency 'braces' to 3.0.3 #311

mcmire · 2024-06-11T23:18:56Z

Extracted from #310.

socket-security · 2024-06-11T23:19:47Z

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

legobeat

LGTM, socket security bot is confused.

socket-security · 2024-07-22T13:10:05Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/braces@3.0.3	None	`0`	44.6 kB	jonschlinkert
npm/fill-range@7.1.1	None	`0`	16.7 kB	jonschlinkert

🚮 Removed packages: npm/braces@3.0.2, npm/fill-range@7.0.1

legobeat · 2024-09-11T08:54:40Z

@MetaMask/wallet-framework-engineers PTAL 🙏

mcmire requested a review from a team as a code owner June 11, 2024 23:18

legobeat approved these changes Jun 11, 2024

View reviewed changes

legobeat force-pushed the bump-braces branch from 57f1c9b to b57399f Compare July 11, 2024 22:44

legobeat force-pushed the bump-braces branch from b57399f to eab2868 Compare July 22, 2024 13:09

Bump transitive dependency 'braces' to 3.0.3

e739571

Addresses CVE: GHSA-grv7-fg5c-xmjg

legobeat force-pushed the bump-braces branch from eab2868 to e739571 Compare July 23, 2024 02:23

Merge branch 'main' into bump-braces

9ff7663

Provide feedback