chore(deps): fix vulnerability inefficient regular expression complexity in https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728

Author: mouadhbb

CHANGELOG.md

@@ -77,6 +77,7 @@
 
 ### Chore & Maintenance
 
+- `[micromatch]` Increase peer dependency of `micromatch` to `^4.0.7` ([#15080](https://github.com/jestjs/jest/pull/15080))
 - `[*]` [**BREAKING**] Drop support for Node.js versions 14 and 19 ([#14460](https://github.com/jestjs/jest/pull/14460))
 - `[*]` [**BREAKING**] Drop support for `[email protected]`, minimum version is now `5.0` ([#14542](https://github.com/jestjs/jest/pull/14542))
 - `[*]` Depend on exact versions of monorepo dependencies instead of `^` range ([#14553](https://github.com/jestjs/jest/pull/14553))

package.json

@@ -61,7 +61,7 @@
     "jest-watch-typeahead": "^2.2.0",
     "jquery": "^3.2.1",
     "js-yaml": "^4.1.0",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "mock-fs": "^5.1.2",
     "netlify-plugin-cache": "^1.0.3",
     "node-notifier": "^10.0.0",

packages/jest-config/package.json

@@ -48,15 +48,15 @@
     "jest-runner": "workspace:*",
     "jest-util": "workspace:*",
     "jest-validate": "workspace:*",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "parse-json": "^5.2.0",
     "pretty-format": "workspace:*",
     "slash": "^3.0.0",
     "strip-json-comments": "^3.1.1"
   },
   "devDependencies": {
     "@types/graceful-fs": "^4.1.3",
-    "@types/micromatch": "^4.0.1",
+    "@types/micromatch": "^4.0.7",
     "@types/parse-json": "^4.0.0",
     "semver": "^7.5.3",
     "ts-node": "^10.5.0",

packages/jest-core/package.json

@@ -38,7 +38,7 @@
     "jest-util": "workspace:*",
     "jest-validate": "workspace:*",
     "jest-watcher": "workspace:*",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "pretty-format": "workspace:*",
     "slash": "^3.0.0",
     "strip-ansi": "^6.0.0"
@@ -48,7 +48,7 @@
     "@jest/test-utils": "workspace:*",
     "@types/exit": "^0.1.30",
     "@types/graceful-fs": "^4.1.3",
-    "@types/micromatch": "^4.0.1"
+    "@types/micromatch": "^4.0.7"
   },
   "peerDependencies": {
     "node-notifier": "^8.0.1 || ^9.0.0 || ^10.0.0"

packages/jest-haste-map/package.json

@@ -27,13 +27,13 @@
     "jest-regex-util": "workspace:*",
     "jest-util": "workspace:*",
     "jest-worker": "workspace:*",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "walker": "^1.0.8"
   },
   "devDependencies": {
     "@types/fb-watchman": "^2.0.0",
     "@types/graceful-fs": "^4.1.3",
-    "@types/micromatch": "^4.0.1",
+    "@types/micromatch": "^4.0.7",
     "slash": "^3.0.0"
   },
   "optionalDependencies": {

packages/jest-message-util/package.json

@@ -27,15 +27,15 @@
     "@types/stack-utils": "^2.0.0",
     "chalk": "^4.0.0",
     "graceful-fs": "^4.2.9",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "pretty-format": "workspace:*",
     "slash": "^3.0.0",
     "stack-utils": "^2.0.3"
   },
   "devDependencies": {
     "@types/babel__code-frame": "^7.0.0",
     "@types/graceful-fs": "^4.1.3",
-    "@types/micromatch": "^4.0.1",
+    "@types/micromatch": "^4.0.7",
     "tempy": "^1.0.0"
   },
   "publishConfig": {

packages/jest-transform/package.json

@@ -30,7 +30,7 @@
     "jest-haste-map": "workspace:*",
     "jest-regex-util": "workspace:*",
     "jest-util": "workspace:*",
-    "micromatch": "^4.0.4",
+    "micromatch": "^4.0.7",
     "pirates": "^4.0.4",
     "slash": "^3.0.0",
     "write-file-atomic": "^5.0.0"
@@ -40,7 +40,7 @@
     "@types/babel__core": "^7.1.14",
     "@types/convert-source-map": "^2.0.0",
     "@types/graceful-fs": "^4.1.3",
-    "@types/micromatch": "^4.0.1",
+    "@types/micromatch": "^4.0.7",
     "@types/write-file-atomic": "^4.0.0",
     "dedent": "^1.0.0"
   },

yarn.lock

@@ -2898,7 +2898,7 @@ __metadata:
     "@jest/types": "workspace:*"
     "@types/exit": ^0.1.30
     "@types/graceful-fs": ^4.1.3
-    "@types/micromatch": ^4.0.1
+    "@types/micromatch": ^4.0.7
     "@types/node": "*"
     ansi-escapes: ^4.2.1
     chalk: ^4.0.0
@@ -2918,7 +2918,7 @@ __metadata:
     jest-util: "workspace:*"
     jest-validate: "workspace:*"
     jest-watcher: "workspace:*"
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     pretty-format: "workspace:*"
     slash: ^3.0.0
     strip-ansi: ^6.0.0
@@ -3088,7 +3088,7 @@ __metadata:
     jest-watch-typeahead: ^2.2.0
     jquery: ^3.2.1
     js-yaml: ^4.1.0
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     mock-fs: ^5.1.2
     netlify-plugin-cache: ^1.0.3
     node-notifier: ^10.0.0
@@ -3264,7 +3264,7 @@ __metadata:
     "@types/babel__core": ^7.1.14
     "@types/convert-source-map": ^2.0.0
     "@types/graceful-fs": ^4.1.3
-    "@types/micromatch": ^4.0.1
+    "@types/micromatch": ^4.0.7
     "@types/write-file-atomic": ^4.0.0
     babel-plugin-istanbul: ^6.1.1
     chalk: ^4.0.0
@@ -3275,7 +3275,7 @@ __metadata:
     jest-haste-map: "workspace:*"
     jest-regex-util: "workspace:*"
     jest-util: "workspace:*"
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     pirates: ^4.0.4
     slash: ^3.0.0
     write-file-atomic: ^5.0.0
@@ -5298,7 +5298,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/micromatch@npm:^4.0.1":
+"@types/micromatch@npm:^4.0.7":
   version: 4.0.7
   resolution: "@types/micromatch@npm:4.0.7"
   dependencies:
@@ -6988,12 +6988,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"braces@npm:^3.0.2, braces@npm:~3.0.2":
-  version: 3.0.2
-  resolution: "braces@npm:3.0.2"
+"braces@npm:^3.0.3, braces@npm:~3.0.2":
+  version: 3.0.3
+  resolution: "braces@npm:3.0.3"
   dependencies:
-    fill-range: ^7.0.1
-  checksum: e2a8e769a863f3d4ee887b5fe21f63193a891c68b612ddb4b68d82d1b5f3ff9073af066c343e9867a393fe4c2555dcb33e89b937195feb9c1613d259edfcd459
+    fill-range: ^7.1.1
+  checksum: b95aa0b3bd909f6cd1720ffcf031aeaf46154dd88b4da01f9a1d3f7ea866a79eba76a6d01cbc3c422b2ee5cdc39a4f02491058d5df0d7bf6e6a162a832df1f69
   languageName: node
   linkType: hard
 
@@ -10278,12 +10278,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"fill-range@npm:^7.0.1":
-  version: 7.0.1
-  resolution: "fill-range@npm:7.0.1"
+"fill-range@npm:^7.1.1":
+  version: 7.1.1
+  resolution: "fill-range@npm:7.1.1"
   dependencies:
     to-regex-range: ^5.0.1
-  checksum: cc283f4e65b504259e64fd969bcf4def4eb08d85565e906b7d36516e87819db52029a76b6363d0f02d0d532f0033c9603b9e2d943d56ee3b0d4f7ad3328ff917
+  checksum: b4abfbca3839a3d55e4ae5ec62e131e2e356bf4859ce8480c64c4876100f4df292a63e5bb1618e1d7460282ca2b305653064f01654474aa35c68000980f17798
   languageName: node
   linkType: hard
 
@@ -12745,7 +12745,7 @@ __metadata:
     "@jest/test-sequencer": "workspace:*"
     "@jest/types": "workspace:*"
     "@types/graceful-fs": ^4.1.3
-    "@types/micromatch": ^4.0.1
+    "@types/micromatch": ^4.0.7
     "@types/parse-json": ^4.0.0
     babel-jest: "workspace:*"
     chalk: ^4.0.0
@@ -12761,7 +12761,7 @@ __metadata:
     jest-runner: "workspace:*"
     jest-util: "workspace:*"
     jest-validate: "workspace:*"
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     parse-json: ^5.2.0
     pretty-format: "workspace:*"
     semver: ^7.5.3
@@ -12866,7 +12866,7 @@ __metadata:
     "@jest/types": "workspace:*"
     "@types/fb-watchman": ^2.0.0
     "@types/graceful-fs": ^4.1.3
-    "@types/micromatch": ^4.0.1
+    "@types/micromatch": ^4.0.7
     "@types/node": "*"
     anymatch: ^3.0.3
     fb-watchman: ^2.0.0
@@ -12875,7 +12875,7 @@ __metadata:
     jest-regex-util: "workspace:*"
     jest-util: "workspace:*"
     jest-worker: "workspace:*"
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     slash: ^3.0.0
     walker: ^1.0.8
   dependenciesMeta:
@@ -12969,11 +12969,11 @@ __metadata:
     "@jest/types": "workspace:*"
     "@types/babel__code-frame": ^7.0.0
     "@types/graceful-fs": ^4.1.3
-    "@types/micromatch": ^4.0.1
+    "@types/micromatch": ^4.0.7
     "@types/stack-utils": ^2.0.0
     chalk: ^4.0.0
     graceful-fs: ^4.2.9
-    micromatch: ^4.0.4
+    micromatch: ^4.0.7
     pretty-format: "workspace:*"
     slash: ^3.0.0
     stack-utils: ^2.0.3
@@ -15241,13 +15241,13 @@ __metadata:
   languageName: node
   linkType: hard
 
-"micromatch@npm:^4.0.2, micromatch@npm:^4.0.4, micromatch@npm:^4.0.5":
-  version: 4.0.5
-  resolution: "micromatch@npm:4.0.5"
+"micromatch@npm:^4.0.2, micromatch@npm:^4.0.4, micromatch@npm:^4.0.5, micromatch@npm:^4.0.7":
+  version: 4.0.7
+  resolution: "micromatch@npm:4.0.7"
   dependencies:
-    braces: ^3.0.2
+    braces: ^3.0.3
     picomatch: ^2.3.1
-  checksum: 02a17b671c06e8fefeeb6ef996119c1e597c942e632a21ef589154f23898c9c6a9858526246abb14f8bca6e77734aa9dcf65476fca47cedfb80d9577d52843fc
+  checksum: 3cde047d70ad80cf60c787b77198d680db3b8c25b23feb01de5e2652205d9c19f43bd81882f69a0fd1f0cde6a7a122d774998aad3271ddb1b8accf8a0f480cf7
   languageName: node
   linkType: hard