Resolve #3571839 "Remove or update" (!545) · Merge requests · project / canvas

Critical security issues with older versions of glob (Github CVE issue linked in below links):

Bump rimraf in @drupal-canvas/create directly to update glob to 13.0.1 there.
The other dependencies that use it @storybook/react-vite and eslint-config-drupal both have sub-dependencies that use a compromised version of glob so updated the overrides key in our package.json to 13.0.1.

Edited Feb 05, 2026 by Harumi Jang

Resolve #3571839 "Remove or update"