This is an automated email from the ASF dual-hosted git repository. sarutak pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push: new 4539260f4ac [SPARK-41634][BUILD] Upgrade `minimatch` to 3.1.2 4539260f4ac is described below commit 4539260f4ac346f22ce1a47ca9e94e3181803490 Author: Bjørn <bjornjorgen...@gmail.com> AuthorDate: Wed Dec 21 13:49:45 2022 +0900 [SPARK-41634][BUILD] Upgrade `minimatch` to 3.1.2 ### What changes were proposed in this pull request? Upgrade `minimatch` to 3.1.2 $ npm -v 9.1.2 $ npm install added 118 packages, and audited 119 packages in 2s 15 packages are looking for funding run `npm fund` for details found 0 vulnerabilities ### Why are the changes needed? [CVE-2022-3517](https://nvd.nist.gov/vuln/detail/CVE-2022-3517) ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Pass GA Closes #39143 from bjornjorgensen/upgrade-minimatch. Authored-by: Bjørn <bjornjorgen...@gmail.com> Signed-off-by: Kousuke Saruta <saru...@oss.nttdata.com> --- dev/package-lock.json | 15 ++++++++------- dev/package.json | 3 ++- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/dev/package-lock.json b/dev/package-lock.json index c2a61b389ac..104a3fb7854 100644 --- a/dev/package-lock.json +++ b/dev/package-lock.json @@ -6,7 +6,8 @@ "": { "devDependencies": { "ansi-regex": "^5.0.1", - "eslint": "^7.25.0" + "eslint": "^7.25.0", + "minimatch": "^3.1.2" } }, "node_modules/@babel/code-frame": { @@ -853,9 +854,9 @@ } }, "node_modules/minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", "dev": true, "dependencies": { "brace-expansion": "^1.1.7" @@ -1931,9 +1932,9 @@ } }, "minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", "dev": true, "requires": { "brace-expansion": "^1.1.7" diff --git a/dev/package.json b/dev/package.json index f975bdde831..4e4a4bf1bca 100644 --- a/dev/package.json +++ b/dev/package.json @@ -1,6 +1,7 @@ { "devDependencies": { "eslint": "^7.25.0", - "ansi-regex": "^5.0.1" + "ansi-regex": "^5.0.1", + "minimatch": "^3.1.2" } } --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org