Skip to content

Pin minimatch resolution to exact version 9.0.9#103

Draft
Copilot wants to merge 2 commits intofix_cvefrom
copilot/sub-pr-101
Draft

Pin minimatch resolution to exact version 9.0.9#103
Copilot wants to merge 2 commits intofix_cvefrom
copilot/sub-pr-101

Conversation

Copy link

Copilot AI commented Mar 20, 2026
edited
Loading

The resolutions.minimatch constraint in package.json was set to ^9.0.7 while yarn.lock already resolved it to 9.0.9, creating a mismatch that could cause lockfile churn across installs.

Changes

  • src/gprofiler/frontend/package.json: Changed resolutions.minimatch from ^9.0.7 to 9.0.9 (exact pin) to align with the lockfile and ensure deterministic installs.
 "resolutions": {
-  "minimatch": "^9.0.7",
+  "minimatch": "9.0.9",
 }

📍 Connect Copilot coding agent with Jira, Azure Boards or Linear to delegate work to Copilot in one click without leaving your project management tool.

Copilot AI mentioned this pull request Mar 20, 2026
Merged
2 tasks
Copilot AI changed the title [WIP] [WIP] Address feedback on fixing CVE issues from 3rd party components Pin minimatch resolution to exact version 9.0.9 Mar 20, 2026
Copilot AI requested a review from mlim19 March 20, 2026 15:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mlim19 mlim19 Awaiting requested review from mlim19

Assignees

@mlim19 mlim19

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mlim19