From e8d134f5a93a163f59586c9fb8bd07bf6f41c7b4 Mon Sep 17 00:00:00 2001
From: docker-claude
Date: Mon, 20 Apr 2026 23:23:27 +0200
Subject: [PATCH] fix(dockerfile): bump MCP SDK 1.26.0, patch brace-expansion 5.0.5 (GHSA-345p-7cg4-v4c7, GHSA-f886-m6hf-6m8v)

Add comprehensive picomatch sweep for nested node_modules; use direct tarball-copy strategy to patch brace-expansion inside npm's own bundled node_modules where npm-install --prefix cannot reach.

Co-Authored-By: Claude Sonnet 4.6
---
 claude/Dockerfile | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/claude/Dockerfile b/claude/Dockerfile
index 9626ff5..1abcb7f 100644
--- a/claude/Dockerfile
+++ b/claude/Dockerfile
@@ -48,7 +48,9 @@ RUN npm install -g \
 
 # Patch transitive CVEs bundled inside MCP server node_modules:
 # CVE-2025-66414, CVE-2026-0621 — @modelcontextprotocol/sdk <1.25.2
-# CVE-2026-33671 — picomatch <4.0.4 (also covers npm bundled copy above)
+# GHSA-345p-7cg4-v4c7 — @modelcontextprotocol/sdk <1.26.0
+# CVE-2026-33671 — picomatch <4.0.4 (also covers npm bundled copy above)
+# GHSA-f886-m6hf-6m8v — brace-expansion <5.0.5
 RUN for pkg_dir in \
 /usr/local/lib/node_modules/@modelcontextprotocol/server-github \
 /usr/local/lib/node_modules/@yoda.digital/gitlab-mcp-server \
@@ -57,10 +59,28 @@ RUN for pkg_dir in \
 [ -d "$pkg_dir" ] && \
 cd "$pkg_dir" && \
 npm install --no-audit --no-fund \
- @modelcontextprotocol/sdk@1.25.2 \
+ @modelcontextprotocol/sdk@1.26.0 \
 picomatch@4.0.4 \
+ brace-expansion@5.0.5 \
 || true; \
- done
+ done \
+ && find /usr/local/lib/node_modules -name "picomatch" -type d | while read dir; do \
+ ver=$(node -p "require('$dir/package.json').version" 2>/dev/null); \
+ [ "$ver" = "4.0.3" ] || continue; \
+ prefix=$(dirname "$(dirname "$dir")"); \
+ npm install --prefix "$prefix" picomatch@4.0.4 \
+ --no-save --no-audit --no-fund 2>/dev/null || true; \
+ done \
+ && cd /tmp \
+ && npm pack brace-expansion@5.0.5 --no-audit 2>/dev/null \
+ && tar xzf brace-expansion-5.0.5.tgz \
+ && find /usr/local/lib/node_modules -name "package.json" -path "*/brace-expansion/package.json" \
+ | xargs grep -l '"version": "5.0.4"' 2>/dev/null \
+ | while read pj; do \
+ echo "Patching brace-expansion at $(dirname "$pj")"; \
+ cp -r /tmp/package/. "$(dirname "$pj")/"; \
+ done \
+ && rm -rf /tmp/brace-expansion-5.0.5.tgz /tmp/package
 
 # Remove any npm auth credentials written during install.
 # npm automatically picks up GITHUB_TOKEN and NPM_TOKEN from the build environment
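Review bot: Every patch step in the new `&& find … | while` chains is best-effort (`|| true`, `2>/dev/null`, and the sweeps only act on the exact versions `4.0.3` and `5.0.4`), so the build still succeeds when a picomatch or brace-expansion copy below the thresholds the comment names (`<4.0.4`, `<5.0.5`) is left in place, and nothing reports it — the only output is the `echo "Patching …"` for copies that were matched. The `cp -r /tmp/package/.` overlay also leaves behind any 5.0.4 files that 5.0.5 no longer ships, which a later scanner may still flag. I would end the RUN with a verification pass that compares every nested copy's version against the target and fails the build otherwise, as sketched below (assumes a `sort -V` that understands version order, which GNU and busybox coreutils both provide). The RUN instruction this hunk extends begins in the previous hunk, so the trailing `&& rm -rf …` line is where the check attaches.

```dockerfile
    # … unchanged: per-package npm install loop, picomatch sweep, brace-expansion overlay …
    && rm -rf /tmp/brace-expansion-5.0.5.tgz /tmp/package \
    # Everything above is best-effort (|| true, 2>/dev/null, exact-version
    # matches), so verify the result: fail the build if any nested copy is
    # still older than the version we patched to.
    && for spec in picomatch:4.0.4 brace-expansion:5.0.5; do \
         name=${spec%%:*}; want=${spec#*:}; \
         find /usr/local/lib/node_modules -path "*/node_modules/$name/package.json" \
         | while read pj; do \
             have=$(node -p "require('$pj').version"); \
             lowest=$(printf '%s\n%s\n' "$have" "$want" | sort -V | head -n1); \
             if [ "$lowest" != "$want" ]; then \
               echo "ERROR: $name@$have still present at $(dirname "$pj")" >&2; \
               exit 1; \
             fi; \
           done || exit 1; \
       done
```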