From 820f2f84dc9302ff1c42ebb72fbf33f566e1eb11 Mon Sep 17 00:00:00 2001
From: Morgane Dubus <morgane.d@meilisearch.com>
Date: Tue, 14 May 2024 10:38:20 +0200
Subject: [PATCH] fix minimatch ReDoS vulnerability

---
 package.json | 3 +++
 yarn.lock    | 9 +--------
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/package.json b/package.json
index 34bd960..12470fe 100644
--- a/package.json
+++ b/package.json
@@ -60,5 +60,8 @@
     "eslint-plugin-react": "^7.31.11",
     "prettier": "^3.2.5",
     "storybook": "^8.0.10"
+  },
+  "resolutions": {
+    "**/recursive-readdir/**/minimatch": "^3.0.5"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index 496342d..aa2eeec 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -11170,14 +11170,7 @@ minimalistic-assert@^1.0.0:
   resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
   integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
 
-minimatch@3.0.4:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
-  integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==
-  dependencies:
-    brace-expansion "^1.1.7"
-
-minimatch@^3.0.2, minimatch@^3.0.4, minimatch@^3.1.1, minimatch@^3.1.2:
+minimatch@3.0.4, minimatch@^3.0.2, minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.1, minimatch@^3.1.2:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b"
   integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==