turborepo
67122cf7 - fix: Upgrade semver to fix ReDoS vulnerability (#11683)

Commit

32 days ago

fix: Upgrade semver to fix ReDoS vulnerability (#11683) ## Summary - Upgrades `semver` from 7.5.0 to 7.7.3 in `packages/create-turbo` to fix a high-severity ReDoS vulnerability ## Details The `semver` package versions `>=7.0.0 <7.5.2` are vulnerable to Regular Expression Denial of Service (ReDoS). This upgrade addresses [GHSA-c2qf-rxjj-qqgw](https://github.com/advisories/GHSA-c2qf-rxjj-qqgw). Closes TURBO-5232

References

#11683 - fix: Upgrade semver to fix ReDoS vulnerability

Author

anthonyshew

Parents

2f1ca39a

turborepo 67122cf7 - fix: Upgrade semver to fix ReDoS vulnerability (#11683)

turborepo
67122cf7 - fix: Upgrade semver to fix ReDoS vulnerability (#11683)