@naandalist/patch-package

This package is a forked version of the official patch-package. Its main purpose is to fix a security vulnerability (MEDIUM, and HIGH SEVERITY).

This fork fixes several security vulnerabilities identified by Snyk:

1. Fixed Regular Expression Denial of Service (ReDoS) vulnerability in cross-spawn dependency

   • Severity: High 🚨
   • Vulnerability ID: SNYK-JS-CROSSSPAWN-8303230

2. Fixed Inefficient Regular Expression Complexity issue in micromatch dependency

   • Severity: High 🚨
   • Vulnerability ID: SNYK-JS-MICROMATCH-6838728

3. Missing Release of Resource after Effective Lifetime issue in inflight depedency

   • Severity: Medium 🚨
   • Vulnerability ID: SNYK-JS-INFLIGHT-6095116

npm install @naandalist/patch-package
# or
yarn add @naandalist/patch-package

The usage remains identical to the original patch-package, maintaining full compatibility while providing enhanced security.

1. Make your changes to package files in the node_modules folder
2. Run the following command:

# Using yarn
yarn patch-package package-name

# Using npm
npx patch-package package-name

Patches are automatically applied when you run:

yarn install
# or
npm install

For detailed usage instructions and advanced features, please refer to the original patch-package documentation.

• ✅ All original functionality preserved
• 🛡️ Snyk finding security vulnerabilities fixed
• 💪 Regular security maintenance

Contributions are welcome! Please feel free to submit a Pull Request.

MIT - See LICENSE for details.

For more details, please visit GitHub repository.