From bae8df049a15b5516dbcdc9ff363d55ce2ec5f41 Mon Sep 17 00:00:00 2001
From: Taimoor Aslam
Date: Mon, 30 Mar 2026 11:12:39 +0200
Subject: [PATCH 1/2] fix(deps): address CVE-2026-33750 in brace-expansion

- Added pnpm override for brace-expansion >=5.0.5
- Fixes Dependabot alert #153
---
 package.json | 3 ++-
 pnpm-lock.yaml | 9 +++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 2e08d436cc..f3029436ab 100644
--- a/package.json
+++ b/package.json
@@ -48,7 +48,8 @@
 "overrides": {
 "minimatch": ">=10.2.4",
 "flatted": ">=3.4.2",
- "picomatch": ">=4.0.4"
+ "picomatch": ">=4.0.4",
+ "brace-expansion": ">=5.0.5"
 }
 }
 }
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 64a996496d..bc6f53fb1c 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -8,6 +8,7 @@ overrides: minimatch: '>=10.2.4' flatted: '>=3.4.2' picomatch: '>=4.0.4' + brace-expansion: '>=5.0.5' importers:
@@ -4022,8 +4023,8 @@ packages: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} - brace-expansion@5.0.4: - resolution: {integrity: sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==} + brace-expansion@5.0.5: + resolution: {integrity: sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==} engines: {node: 18 || 20 || >=22} braces@3.0.3:
@@ -10572,7 +10573,7 @@ snapshots: binary-extensions@2.3.0: {} - brace-expansion@5.0.4: + brace-expansion@5.0.5: dependencies: balanced-match: 4.0.4
@@ -12584,7 +12585,7 @@ snapshots: minimatch@10.2.4: dependencies: - brace-expansion: 5.0.4 + brace-expansion: 5.0.5 minimist@1.2.8: {}
From 7620abe9008de50cb8436ad96413e3a55df0b8aa Mon Sep 17 00:00:00 2001
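Review bot: The added `"brace-expansion": ">=5.0.5"` entry in the package.json hunk is an unscoped, open-ended override, so it rewrites every brace-expansion request in the workspace to anything at or above 5.0.5, including a future major and any dependent that asked for an older major line. The lockfile hunks in this patch show only `minimatch@10.2.4` depending on it and the resolution landing on 5.0.5 with a pinned integrity hash, so the current install is what the commit intends, but the next lockfile regeneration can move it without review. I would bound the override to the line being patched, for example `"brace-expansion@>=5.0.0 <5.0.5": "^5.0.5"`, and check the advisory for whether other major lines need their own fixed versions. The neighbouring `minimatch`, `flatted` and `picomatch` entries use the same open `>=` form; the enclosing `overrides` object starts outside the hunk.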
From: Taimoor Aslam
Date: Mon, 30 Mar 2026 11:13:23 +0200
Subject: [PATCH 2/2] chore: add changeset for security fix

---
 .changeset/blue-brooms-begin.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .changeset/blue-brooms-begin.md

diff --git a/.changeset/blue-brooms-begin.md b/.changeset/blue-brooms-begin.md
new file mode 100644
index 0000000000..eb8b21f35e
--- /dev/null
+++ b/.changeset/blue-brooms-begin.md
@@ -0,0 +1,5 @@
+---
+"juno": patch
+---
+
+fix: address CVE-2026-33750 vulnerability in brace-expansion