turbo
84ff90c5 - fix: Upgrade semver to fix ReDoS vulnerability (#11765)

Commit

2 days ago

fix: Upgrade semver to fix ReDoS vulnerability (#11765) ## Summary Upgrades `semver` from 7.5.0 to 7.5.2 in `packages/turbo-codemod` (both `dependencies` and `devDependencies`) to resolve [GHSA-c2qf-rxjj-qqgw](https://github.com/advisories/GHSA-c2qf-rxjj-qqgw), a Regular Expression Denial of Service (ReDoS) vulnerability affecting semver >=7.0.0 <7.5.2. Ref: TURBO-5266 ## Testing - `pnpm build --filter=@turbo/codemod` passes - All 217 tests pass across 19 test suites

References

#11765 - fix: Upgrade semver to fix ReDoS vulnerability

Author

anthonyshew

Parents

c6902b03

turbo 84ff90c5 - fix: Upgrade semver to fix ReDoS vulnerability (#11765)

turbo
84ff90c5 - fix: Upgrade semver to fix ReDoS vulnerability (#11765)