orval is able to generate client with appropriate type-signatures (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification, either in yaml or json formats. 🍺
Run snyk test --severity-threshold=high on package after installing
What happens?
Receive error:
✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in micromatch@4.0.7
introduced by orval@6.31.0 > @orval/angular@6.31.0 > @orval/core@6.31.0 > micromatch@4.0.7 and 1 other path(s)
This issue was fixed in versions: 4.0.8
What are the steps to reproduce this issue?
What happens?
Receive error: ✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in micromatch@4.0.7 introduced by orval@6.31.0 > @orval/angular@6.31.0 > @orval/core@6.31.0 > micromatch@4.0.7 and 1 other path(s) This issue was fixed in versions: 4.0.8
What were you expecting to happen?
Snyk to be fine with all Orval dependencies
Any other comments?
Synk report is here: https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 Does this affect us and should we bump micromatch in orval/core to 4.0.8?
What versions are you using?
npmPackages: @tanstack/svelte-query: ^5.56.2 => 5.56.2 axios: ^1.7.7 => 1.7.7 msw: ^2.4.9 => 2.4.9 orval: ^7.1.1 => 7.1.1 svelte: ^4.2.19 => 4.2.19