From 569d5cfecdd9b2482ae185aa26e2ad420654478d Mon Sep 17 00:00:00 2001
From: Ismo Vuorinen <ismo@ivuorinen.net>
Date: Thu, 26 Feb 2026 21:29:49 +0200
Subject: [PATCH] fix(deps): resolve vulnerable minimatch 10.1.3 via yarn
 resolutions (#124)

---
 package.json |  3 +++
 yarn.lock    | 17 ++++-------------
 2 files changed, 7 insertions(+), 13 deletions(-)

diff --git a/package.json b/package.json
index 5bb0d57..a73b20c 100644
--- a/package.json
+++ b/package.json
@@ -43,5 +43,8 @@
   "packageManager": "yarn@4.12.0",
   "devDependencies": {
     "@ivuorinen/semantic-release-config": "^1.0.0"
+  },
+  "resolutions": {
+    "minimatch": ">=10.2.1"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index cf0213c..35999af 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2891,21 +2891,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"minimatch@npm:^10.0.3, minimatch@npm:^10.1.1, minimatch@npm:^10.2.2":
-  version: 10.2.2
-  resolution: "minimatch@npm:10.2.2"
+"minimatch@npm:>=10.2.1":
+  version: 10.2.4
+  resolution: "minimatch@npm:10.2.4"
   dependencies:
     brace-expansion: "npm:^5.0.2"
-  checksum: 10c0/098831f2f542cb802e1f249c809008a016e1fef6b3a9eda9cf9ecb2b3d7979083951bd47c0c82fcf34330bd3b36638a493d4fa8e24cce58caf5b481de0f4e238
-  languageName: node
-  linkType: hard
-
-"minimatch@npm:~10.1.1":
-  version: 10.1.3
-  resolution: "minimatch@npm:10.1.3"
-  dependencies:
-    brace-expansion: "npm:^5.0.2"
-  checksum: 10c0/374603b9e2a3a4339001f8d6943fad944906751c92b459ea0362ec93ec478009b4238a368bed9141763626210b6f0b84f9c48f295a6f87c5d35f9aa452e0a4bc
+  checksum: 10c0/35f3dfb7b99b51efd46afd378486889f590e7efb10e0f6a10ba6800428cf65c9a8dedb74427d0570b318d749b543dc4e85f06d46d2858bc8cac7e1eb49a95945
   languageName: node
   linkType: hard