Skip to content

Commit f9e49ac

Browse files
authored
fix: bump minimatch to v9 (CN-1004) (#780)
Two options are now passed to generatePathMatcher to preserve existing behavior across the v3→v9 breaking changes: windowsPathsNoEscape: true — In v9, backslashes are treated as escape characters by default (e.g. \* means a literal *). This option restores the v3 behavior where backslashes are path separators only, replaced with / before matching. Since we match file paths inside container layers (which can include \ from Windows images), leaving this off would cause v9 to misinterpret those backslashes and break glob matching. optimizationLevel: 0 — v9 defaults to level 1, which rewrites patterns containing .. (e.g. a/b/../* becomes a/*). Level 0 disables that rewriting so patterns are matched literally against the path string rather than being silently transformed.
1 parent f42f421 commit f9e49ac

File tree

4 files changed

+216
-45
lines changed

4 files changed

+216
-45
lines changed

.snyk

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,15 +5,15 @@ ignore:
55
SNYK-JS-TAR-15307072:
66
- 'snyk-nodejs-lockfile-parser > @yarnpkg/core > tar':
77
reason: 'Indirect dependency from snyk-nodejs-lockfile-parser, waiting for upstream fix'
8-
expires: 2026-04-03T00:00:00.000Z
8+
expires: 2026-05-06T00:00:00.000Z
99
SNYK-JS-TAR-15416075:
1010
- 'snyk-nodejs-lockfile-parser > @yarnpkg/core > tar':
1111
reason: 'Indirect dependency from snyk-nodejs-lockfile-parser, waiting for upstream fix'
12-
expires: 2026-04-03T00:00:00.000Z
12+
expires: 2026-05-06T00:00:00.000Z
1313
SNYK-JS-TAR-15456201:
1414
- 'snyk-nodejs-lockfile-parser > @yarnpkg/core > tar':
1515
reason: 'Indirect dependency from snyk-nodejs-lockfile-parser, waiting for upstream fix'
16-
expires: 2026-04-03T00:00:00.000Z
16+
expires: 2026-05-06T00:00:00.000Z
1717
SNYK-JS-LODASH-15869625:
1818
- '*':
1919
reason: 'Indirect dependency, waiting for upstream fix'

lib/inputs/file-pattern/static.ts

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
import * as minimatch from "minimatch";
1+
import { minimatch, MinimatchOptions } from "minimatch";
22
import * as path from "path";
33

44
import { ExtractAction, ExtractedLayers } from "../../extractor/types";
@@ -13,12 +13,17 @@ function generatePathMatcher(
1313
globsInclude: string[],
1414
globsExclude: string[],
1515
): (filePath: string) => boolean {
16+
const matchOptions: MinimatchOptions = {
17+
windowsPathsNoEscape: true,
18+
optimizationLevel: 0,
19+
};
20+
1621
return (filePath: string): boolean => {
17-
if (globsExclude.some((glob) => minimatch(filePath, glob))) {
22+
if (globsExclude.some((glob) => minimatch(filePath, glob, matchOptions))) {
1823
return false;
1924
}
2025

21-
return globsInclude.some((glob) => minimatch(filePath, glob));
26+
return globsInclude.some((glob) => minimatch(filePath, glob, matchOptions));
2227
};
2328
}
2429

0 commit comments

Comments
 (0)