From 6b7198d11cb5654cd312b6985f0d85a1dfd98031 Mon Sep 17 00:00:00 2001 From: alxdca Date: Mon, 23 Mar 2026 16:24:50 +0100 Subject: [PATCH 1/5] chore: bump flatted to fix github advisories --- package.json | 1 + pnpm-lock.yaml | 9 +++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 2ded5b80..807a6e9e 100644 --- a/package.json +++ b/package.json @@ -41,6 +41,7 @@ "@wagmi/cli>esbuild": "0.25.1", "@wagmi/cli>bundle-require": "5.1.0", "@ethersproject/providers>ws": "7.5.10", + "flatted": "3.4.2", "elliptic": "6.6.1", "nanoid": "3.3.8", "base-x": "3.0.11", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 52ac0aee..4d4a537c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -10,6 +10,7 @@ overrides: '@wagmi/cli>esbuild': 0.25.1 '@wagmi/cli>bundle-require': 5.1.0 '@ethersproject/providers>ws': 7.5.10 + flatted: 3.4.2 elliptic: 6.6.1 nanoid: 3.3.8 base-x: 3.0.11 @@ -1580,8 +1581,8 @@ packages: resolution: {integrity: sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==} engines: {node: '>=16'} - flatted@3.3.3: - resolution: {integrity: sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==} + flatted@3.4.2: + resolution: {integrity: sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==} for-each@0.3.5: resolution: {integrity: sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==} @@ -4377,10 +4378,10 @@ snapshots: flat-cache@4.0.1: dependencies: - flatted: 3.3.3 + flatted: 3.4.2 keyv: 4.5.4 - flatted@3.3.3: {} + flatted@3.4.2: {} for-each@0.3.5: dependencies: From e99dbc1ad772177f8fd9270003381f38dc197132 Mon Sep 17 00:00:00 2001 From: alxdca Date: Thu, 26 Mar 2026 13:55:44 +0100 Subject: [PATCH 2/5] fix: advisories --- package.json | 6 +++- pnpm-lock.yaml | 80 +++++++++++++++++++++++++++----------------------- 2 files changed, 48 insertions(+), 38 deletions(-) diff --git a/package.json b/package.json index 807a6e9e..705967de 100644 --- a/package.json +++ b/package.json @@ -48,7 +48,11 @@ "pbkdf2": "3.1.3", "sha.js": "2.4.12", "cipher-base": "1.0.5", - "tmp": "0.2.5" + "tmp": "0.2.5", + "picomatch@<2.3.2": "2.3.2", + "picomatch@>=4.0.0 <4.0.4": "4.0.4", + "yaml@>=1.0.0 <1.10.3": "1.10.3", + "yaml@>=2.0.0 <2.8.3": "2.8.3" } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 4d4a537c..f9882ee5 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -18,6 +18,10 @@ overrides: sha.js: 2.4.12 cipher-base: 1.0.5 tmp: 0.2.5 + picomatch@<2.3.2: 2.3.2 + picomatch@>=4.0.0 <4.0.4: 4.0.4 + yaml@>=1.0.0 <1.10.3: 1.10.3 + yaml@>=2.0.0 <2.8.3: 2.8.3 importers: @@ -61,7 +65,7 @@ importers: version: 1.20.0(typescript@5.2.2)(zod@3.22.4) vitest: specifier: ^3.2.4 - version: 3.2.4 + version: 3.2.4(yaml@2.8.3) examples/create-rollup-custom-fee-token: devDependencies: @@ -1549,7 +1553,7 @@ packages: resolution: {integrity: sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==} engines: {node: '>=12.0.0'} peerDependencies: - picomatch: ^3 || ^4 + picomatch: 4.0.4 peerDependenciesMeta: picomatch: optional: true @@ -2173,12 +2177,12 @@ packages: picocolors@1.1.1: resolution: {integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==} - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} + picomatch@2.3.2: + resolution: {integrity: sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==} engines: {node: '>=8.6'} - picomatch@4.0.3: - resolution: {integrity: sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==} + picomatch@4.0.4: + resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==} engines: {node: '>=12'} possible-typed-array-names@1.1.0: @@ -2562,7 +2566,7 @@ packages: sugarss: ^5.0.0 terser: ^5.16.0 tsx: ^4.8.1 - yaml: ^2.4.2 + yaml: 2.8.3 peerDependenciesMeta: '@types/node': optional: true @@ -2682,13 +2686,14 @@ packages: resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} engines: {node: '>=10'} - yaml@1.10.2: - resolution: {integrity: sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==} + yaml@1.10.3: + resolution: {integrity: sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==} engines: {node: '>= 6'} - yaml@2.3.4: - resolution: {integrity: sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA==} - engines: {node: '>= 14'} + yaml@2.8.3: + resolution: {integrity: sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==} + engines: {node: '>= 14.6'} + hasBin: true yargs-parser@21.1.1: resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} @@ -3529,13 +3534,13 @@ snapshots: chai: 5.2.0 tinyrainbow: 2.0.0 - '@vitest/mocker@3.2.4(vite@7.3.1)': + '@vitest/mocker@3.2.4(vite@7.3.1(yaml@2.8.3))': dependencies: '@vitest/spy': 3.2.4 estree-walker: 3.0.3 magic-string: 0.30.17 optionalDependencies: - vite: 7.3.1 + vite: 7.3.1(yaml@2.8.3) '@vitest/pretty-format@3.2.4': dependencies: @@ -3643,7 +3648,7 @@ snapshots: anymatch@3.1.3: dependencies: normalize-path: 3.0.0 - picomatch: 2.3.1 + picomatch: 2.3.2 argparse@2.0.1: {} @@ -4345,9 +4350,9 @@ snapshots: dependencies: reusify: 1.0.4 - fdir@6.5.0(picomatch@4.0.3): + fdir@6.5.0(picomatch@4.0.4): optionalDependencies: - picomatch: 4.0.3 + picomatch: 4.0.4 fetch-blob@3.2.0: dependencies: @@ -4771,7 +4776,7 @@ snapshots: micromatch@4.0.8: dependencies: braces: 3.0.3 - picomatch: 2.3.1 + picomatch: 2.3.2 mimic-fn@2.1.0: {} @@ -4933,7 +4938,7 @@ snapshots: semver: 5.7.2 slash: 2.0.0 tmp: 0.2.5 - yaml: 1.10.2 + yaml: 1.10.3 patch-package@8.0.0: dependencies: @@ -4951,7 +4956,7 @@ snapshots: semver: 7.6.2 slash: 2.0.0 tmp: 0.2.5 - yaml: 2.3.4 + yaml: 2.8.3 path-browserify@1.0.1: {} @@ -4995,9 +5000,9 @@ snapshots: picocolors@1.1.1: {} - picomatch@2.3.1: {} + picomatch@2.3.2: {} - picomatch@4.0.3: {} + picomatch@4.0.4: {} possible-typed-array-names@1.1.0: {} @@ -5036,7 +5041,7 @@ snapshots: readdirp@3.6.0: dependencies: - picomatch: 2.3.1 + picomatch: 2.3.2 readline-transform@1.0.0: {} @@ -5296,8 +5301,8 @@ snapshots: tinyglobby@0.2.15: dependencies: - fdir: 6.5.0(picomatch@4.0.3) - picomatch: 4.0.3 + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 tinypool@1.1.1: {} @@ -5420,13 +5425,13 @@ snapshots: - utf-8-validate - zod - vite-node@3.2.4: + vite-node@3.2.4(yaml@2.8.3): dependencies: cac: 6.7.14 debug: 4.4.1 es-module-lexer: 1.7.0 pathe: 2.0.3 - vite: 7.3.1 + vite: 7.3.1(yaml@2.8.3) transitivePeerDependencies: - '@types/node' - jiti @@ -5441,22 +5446,23 @@ snapshots: - tsx - yaml - vite@7.3.1: + vite@7.3.1(yaml@2.8.3): dependencies: esbuild: 0.27.3 - fdir: 6.5.0(picomatch@4.0.3) - picomatch: 4.0.3 + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 postcss: 8.5.6 rollup: 4.59.0 tinyglobby: 0.2.15 optionalDependencies: fsevents: 2.3.3 + yaml: 2.8.3 - vitest@3.2.4: + vitest@3.2.4(yaml@2.8.3): dependencies: '@types/chai': 5.2.2 '@vitest/expect': 3.2.4 - '@vitest/mocker': 3.2.4(vite@7.3.1) + '@vitest/mocker': 3.2.4(vite@7.3.1(yaml@2.8.3)) '@vitest/pretty-format': 3.2.4 '@vitest/runner': 3.2.4 '@vitest/snapshot': 3.2.4 @@ -5467,15 +5473,15 @@ snapshots: expect-type: 1.2.1 magic-string: 0.30.17 pathe: 2.0.3 - picomatch: 4.0.3 + picomatch: 4.0.4 std-env: 3.9.0 tinybench: 2.9.0 tinyexec: 0.3.2 tinyglobby: 0.2.15 tinypool: 1.1.1 tinyrainbow: 2.0.0 - vite: 7.3.1 - vite-node: 3.2.4 + vite: 7.3.1(yaml@2.8.3) + vite-node: 3.2.4(yaml@2.8.3) why-is-node-running: 2.3.0 transitivePeerDependencies: - jiti @@ -5545,9 +5551,9 @@ snapshots: y18n@5.0.8: {} - yaml@1.10.2: {} + yaml@1.10.3: {} - yaml@2.3.4: {} + yaml@2.8.3: {} yargs-parser@21.1.1: {} From c2bf078dd554e465f80f50ec8aba8b7c45b77ff8 Mon Sep 17 00:00:00 2001 From: alxdca Date: Fri, 27 Mar 2026 13:03:39 +0100 Subject: [PATCH 3/5] chore: fix GHSA- f886-m6hf-6m8v advisory --- audit-ci.jsonc | 6 ++++-- package.json | 5 ++++- pnpm-lock.yaml | 27 +++++++++++++++------------ 3 files changed, 23 insertions(+), 15 deletions(-) diff --git a/audit-ci.jsonc b/audit-ci.jsonc index ed951562..24d7bc8d 100644 --- a/audit-ci.jsonc +++ b/audit-ci.jsonc @@ -70,7 +70,9 @@ // elliptic has no patched release yet (affected: <=6.6.1) // transitive via ethereumjs-util -> ethereum-cryptography -> secp256k1 -> elliptic // from: @safe-global/protocol-kit>ethereumjs-util>ethereum-cryptography>secp256k1>elliptic - "GHSA-848j-6mx2-7j84" - + "GHSA-848j-6mx2-7j84", + // https://github.com/advisories/GHSA-f886-m6hf-6m8v + // brace-expansion has fixes in 1.1.13 and 2.0.3 but the advisory db is not updated yet + "GHSA-f886-m6hf-6m8v" ] } diff --git a/package.json b/package.json index 705967de..10922726 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,10 @@ "picomatch@<2.3.2": "2.3.2", "picomatch@>=4.0.0 <4.0.4": "4.0.4", "yaml@>=1.0.0 <1.10.3": "1.10.3", - "yaml@>=2.0.0 <2.8.3": "2.8.3" + "yaml@>=2.0.0 <2.8.3": "2.8.3", + "brace-expansion@>=1.0.0 <1.1.13": "1.1.13", + "brace-expansion@>=2.0.0 <2.0.3": "2.0.3", + "brace-expansion@>=5.0.0 <5.0.5": "5.0.5" } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f9882ee5..0788bf52 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -22,6 +22,9 @@ overrides: picomatch@>=4.0.0 <4.0.4: 4.0.4 yaml@>=1.0.0 <1.10.3: 1.10.3 yaml@>=2.0.0 <2.8.3: 2.8.3 + brace-expansion@>=1.0.0 <1.1.13: 1.1.13 + brace-expansion@>=2.0.0 <2.0.3: 2.0.3 + brace-expansion@>=5.0.0 <5.0.5: 5.0.5 importers: @@ -1171,14 +1174,14 @@ packages: bn.js@5.2.3: resolution: {integrity: sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==} - brace-expansion@1.1.12: - resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==} + brace-expansion@1.1.13: + resolution: {integrity: sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==} - brace-expansion@2.0.2: - resolution: {integrity: sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==} + brace-expansion@2.0.3: + resolution: {integrity: sha512-MCV/fYJEbqx68aE58kv2cA/kiky1G8vux3OR6/jbS+jIMe/6fJWa0DTzJU7dqijOWYwHi1t29FlfYI9uytqlpA==} - brace-expansion@5.0.4: - resolution: {integrity: sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==} + brace-expansion@5.0.5: + resolution: {integrity: sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==} engines: {node: 18 || 20 || >=22} braces@3.0.3: @@ -3728,16 +3731,16 @@ snapshots: bn.js@5.2.3: {} - brace-expansion@1.1.12: + brace-expansion@1.1.13: dependencies: balanced-match: 1.0.2 concat-map: 0.0.1 - brace-expansion@2.0.2: + brace-expansion@2.0.3: dependencies: balanced-match: 1.0.2 - brace-expansion@5.0.4: + brace-expansion@5.0.5: dependencies: balanced-match: 4.0.4 @@ -4788,15 +4791,15 @@ snapshots: minimatch@10.2.4: dependencies: - brace-expansion: 5.0.4 + brace-expansion: 5.0.5 minimatch@3.1.5: dependencies: - brace-expansion: 1.1.12 + brace-expansion: 1.1.13 minimatch@9.0.9: dependencies: - brace-expansion: 2.0.2 + brace-expansion: 2.0.3 minimist@1.2.8: {} From 8e54c692548c8691f92a83baa0a7926cbaae1c7b Mon Sep 17 00:00:00 2001 From: alxdca Date: Thu, 2 Apr 2026 14:47:03 +0200 Subject: [PATCH 4/5] chore: remove advisory from allowlist --- audit-ci.jsonc | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/audit-ci.jsonc b/audit-ci.jsonc index 24d7bc8d..fa6d4319 100644 --- a/audit-ci.jsonc +++ b/audit-ci.jsonc @@ -70,9 +70,6 @@ // elliptic has no patched release yet (affected: <=6.6.1) // transitive via ethereumjs-util -> ethereum-cryptography -> secp256k1 -> elliptic // from: @safe-global/protocol-kit>ethereumjs-util>ethereum-cryptography>secp256k1>elliptic - "GHSA-848j-6mx2-7j84", - // https://github.com/advisories/GHSA-f886-m6hf-6m8v - // brace-expansion has fixes in 1.1.13 and 2.0.3 but the advisory db is not updated yet - "GHSA-f886-m6hf-6m8v" + "GHSA-848j-6mx2-7j84" ] } From 8ae37790f81c3dcf7ed5392b5979f24ad1afd697 Mon Sep 17 00:00:00 2001 From: alxdca Date: Thu, 2 Apr 2026 15:09:36 +0200 Subject: [PATCH 5/5] chore: remove unneeded overrides --- package.json | 16 +--------------- pnpm-lock.yaml | 30 ++++++++---------------------- 2 files changed, 9 insertions(+), 37 deletions(-) diff --git a/package.json b/package.json index 10922726..f10bddf0 100644 --- a/package.json +++ b/package.json @@ -36,26 +36,12 @@ }, "pnpm": { "overrides": { - "viem": "1.20.0", "viem>ws": "8.17.1", "@wagmi/cli>esbuild": "0.25.1", "@wagmi/cli>bundle-require": "5.1.0", "@ethersproject/providers>ws": "7.5.10", - "flatted": "3.4.2", "elliptic": "6.6.1", - "nanoid": "3.3.8", - "base-x": "3.0.11", - "pbkdf2": "3.1.3", - "sha.js": "2.4.12", - "cipher-base": "1.0.5", - "tmp": "0.2.5", - "picomatch@<2.3.2": "2.3.2", - "picomatch@>=4.0.0 <4.0.4": "4.0.4", - "yaml@>=1.0.0 <1.10.3": "1.10.3", - "yaml@>=2.0.0 <2.8.3": "2.8.3", - "brace-expansion@>=1.0.0 <1.1.13": "1.1.13", - "brace-expansion@>=2.0.0 <2.0.3": "2.0.3", - "brace-expansion@>=5.0.0 <5.0.5": "5.0.5" + "tmp": "0.2.5" } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 0788bf52..171c481f 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -5,26 +5,12 @@ settings: excludeLinksFromLockfile: false overrides: - viem: 1.20.0 viem>ws: 8.17.1 '@wagmi/cli>esbuild': 0.25.1 '@wagmi/cli>bundle-require': 5.1.0 '@ethersproject/providers>ws': 7.5.10 - flatted: 3.4.2 elliptic: 6.6.1 - nanoid: 3.3.8 - base-x: 3.0.11 - pbkdf2: 3.1.3 - sha.js: 2.4.12 - cipher-base: 1.0.5 tmp: 0.2.5 - picomatch@<2.3.2: 2.3.2 - picomatch@>=4.0.0 <4.0.4: 4.0.4 - yaml@>=1.0.0 <1.10.3: 1.10.3 - yaml@>=2.0.0 <2.8.3: 2.8.3 - brace-expansion@>=1.0.0 <1.1.13: 1.1.13 - brace-expansion@>=2.0.0 <2.0.3: 2.0.3 - brace-expansion@>=5.0.0 <5.0.5: 5.0.5 importers: @@ -64,7 +50,7 @@ importers: specifier: ^8.56.1 version: 8.56.1(eslint@9.39.3)(typescript@5.2.2) viem: - specifier: 1.20.0 + specifier: ^1.20.0 version: 1.20.0(typescript@5.2.2)(zod@3.22.4) vitest: specifier: ^3.2.4 @@ -205,7 +191,7 @@ importers: specifier: ^5.7.2 version: 5.7.2 viem: - specifier: 1.20.0 + specifier: ^1.20.0 version: 1.20.0(typescript@5.2.2)(zod@3.22.4) packages: @@ -1556,7 +1542,7 @@ packages: resolution: {integrity: sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==} engines: {node: '>=12.0.0'} peerDependencies: - picomatch: 4.0.4 + picomatch: ^3 || ^4 peerDependenciesMeta: picomatch: optional: true @@ -2007,8 +1993,8 @@ packages: ms@2.1.3: resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - nanoid@3.3.8: - resolution: {integrity: sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==} + nanoid@3.3.11: + resolution: {integrity: sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==} engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} hasBin: true @@ -2569,7 +2555,7 @@ packages: sugarss: ^5.0.0 terser: ^5.16.0 tsx: ^4.8.1 - yaml: 2.8.3 + yaml: ^2.4.2 peerDependenciesMeta: '@types/node': optional: true @@ -4807,7 +4793,7 @@ snapshots: ms@2.1.3: {} - nanoid@3.3.8: {} + nanoid@3.3.11: {} natural-compare@1.4.0: {} @@ -5011,7 +4997,7 @@ snapshots: postcss@8.5.6: dependencies: - nanoid: 3.3.8 + nanoid: 3.3.11 picocolors: 1.1.1 source-map-js: 1.2.1