Paul Miller

@MarioTeixeiraCx send me an email with vuln. I have repo and npm access

all tests are failing.

1. It is not a real vulnerability. It is another shit that got cve https://github.com/micromatch/micromatch/issues/243 2. CVE rating 7.5 is nonsense. More like 2.5 3. They can’t even produce a...

micromatch is made by braces founders...

anyways will close it since braces fix is in and we just need to release it. micromatch will autofetch the update.

No plans on coding that by ourselves, but we'll consider merging contributions. I'm concerned about bloat. For example, there are likely different encryption algorithms. Right? We can't be asked to...

We already have it relaxed (~), but not too relaxed (^), it just needed a new release. Done! 0.4.11

There is NO vulnerability: https://github.com/micromatch/braces/pull/37#issuecomment-2121649614

@KnorpelSenf I don't want jsr to mess with my shit by default

Thanks Luca. That makes sense. A few thoughts: > Firstly, tsc changes over time. This means that code you write today results in one version of type information being generated...