Skip to content

Vulnerable Dependency: glob (due to minimatch) #1934

New issue
New issue
Closed
Task
#1936
Closed
Vulnerable Dependency: glob (due to minimatch)#1934
Task
#1936
Assignees
azucopilot-swe-agent
Labels
Status: PR WelcomeWelcome to Pull RequestType: DependenciesDependency issues or Changes to dependency files
@dmillar-vx

Description

@dmillar-vx
dmillar-vx
opened on Feb 20, 2026

Howdy, thanks for supporting/maintaining textlint!

glob v10 depends on a minimatch version that has a CVE: GHSA-3ppc-4f35-3m26

It looks like glob v11 uses a newer version of minimatch that is not affected, and still supports back to node 20 which would align with the current supported version specified in textlint.

Metadata

Metadata

Assignees

Labels

Status: PR WelcomeWelcome to Pull RequestType: DependenciesDependency issues or Changes to dependency files

Type

Task

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions