Register | Log in

node-brace-expansion

Brace expansion as known from sh/bash for Node.js

Choose email to subscribe with

general

source: node-brace-expansion (main)
version: 2.0.1+~1.1.0-2
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Sruthi Chandran [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.8-1
oldstable: 2.0.0-1
stable: 2.0.1-2
testing: 2.0.1+~1.1.0-2
unstable: 2.0.1+~1.1.0-2

versioned links

1.1.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.1+~1.1.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

node-brace-expansion

action needed

A new upstream version is available: 4.0.1+~1.1.2 high

A new upstream version 4.0.1+~1.1.2 is available, you should consider packaging it.

Created: 2023-10-08 Last update: 2025-06-23 05:22

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-06-12 Last update: 2025-06-12 23:01

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-5889: (needs triaging) A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.12, 2.0.2, 3.0.1 and 4.0.1 is able to address this issue. The name of the patch is a5b98a4f30d7813266b221435e1eaaf25a1b0ac5. It is recommended to upgrade the affected component.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-06-11 Last update: 2025-06-17 04:30

news

[2025-06-17] node-brace-expansion 2.0.1+~1.1.0-2 MIGRATED to testing (Debian testing watch)
[2025-06-12] Accepted node-brace-expansion 2.0.1+~1.1.0-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2023-09-24] node-brace-expansion 2.0.1+~1.1.0-1 MIGRATED to testing (Debian testing watch)
[2023-09-22] Accepted node-brace-expansion 2.0.1+~1.1.0-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-11-25] node-brace-expansion 2.0.1-2 MIGRATED to testing (Debian testing watch)
[2022-11-22] Accepted node-brace-expansion 2.0.1-2 (source) into unstable (Jelmer Vernooĳ) (signed by: Jelmer Vernooij)
[2022-01-01] node-brace-expansion 2.0.1-1 MIGRATED to testing (Debian testing watch)
[2021-12-30] Accepted node-brace-expansion 2.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2020-11-04] node-brace-expansion 2.0.0-1 MIGRATED to testing (Debian testing watch)
[2020-11-02] Accepted node-brace-expansion 2.0.0-1 (source) into unstable (Xavier Guimard)
[2020-01-17] node-brace-expansion 1.1.11-1 MIGRATED to testing (Debian testing watch)
[2020-01-14] Accepted node-brace-expansion 1.1.11-1 (source) into unstable (Xavier Guimard)
[2018-09-29] Accepted node-brace-expansion 1.1.8-1~bpo9+1 (source all) into stretch-backports, stretch-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2017-08-06] Accepted node-brace-expansion 1.1.6-1+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Sruthi Chandran) (signed by: Praveen Arimbrathodiyil)
[2017-07-04] node-brace-expansion 1.1.8-1 MIGRATED to testing (Debian testing watch)
[2017-06-28] Accepted node-brace-expansion 1.1.8-1 (source) into unstable (Sruthi Chandran)
[2016-11-06] node-brace-expansion 1.1.6-1 MIGRATED to testing (Debian testing watch)
[2016-10-26] Accepted node-brace-expansion 1.1.6-1 (source all) into unstable, unstable (Sruthi Chandran) (signed by: Praveen Arimbrathodiyil)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 2)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.0.1+~1.1.0-2

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing