Skip to content

Commit 1a21df1

Browse files
dotansimhadotansimha
authored
chore(security): clean cves (#6509)
1 parent 716868b commit 1a21df1

File tree

7 files changed

+423
-887
lines changed

7 files changed

+423
-887
lines changed

configs/cargo/Cargo.lock

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
"packageManager": "[email protected]",
1616
"engines": {
1717
"node": ">=22",
18-
"pnpm": ">=9.15.5"
18+
"pnpm": ">=10"
1919
},
2020
"scripts": {
2121
"build": "pnpm turbo build --color",
@@ -101,11 +101,13 @@
101101
"vitest": "3.0.5"
102102
},
103103
"pnpm": {
104+
"overrides.esbuild": "To address CVE: https://github.com/graphql-hive/console/security/dependabot/259",
104105
"overrides.csstype": "To fix type check error https://github.com/JedWatson/react-select/issues/5952",
105106
"overrides.mjml": "Our patch removes html-minifier from mjml-core, we dont need this dependency and its causing false-alarm (CVE https://nvd.nist.gov/vuln/detail/cve-2022-37620)",
106107
"overrides.ip": "There is no update with fix for ip package, we use fork https://github.com/indutny/node-ip/issues/150#issuecomment-2325961380",
107108
"overrides.miniflare": "To address CVE: https://github.com/graphql-hive/console/security/dependabot/245",
108109
"overrides": {
110+
"esbuild": "0.25.0",
109111
"csstype": "3.1.2",
110112
"[email protected]>html-minifier": "-",
111113
"[email protected]>html-minifier": "-",

packages/libraries/external-composition/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@
6161
},
6262
"devDependencies": {
6363
"@apollo/composition": "2.9.3",
64-
"esbuild": "0.24.2",
64+
"esbuild": "0.25.0",
6565
"fastify": "4.29.0",
6666
"graphql": "16.9.0"
6767
},

packages/services/broker-worker/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
"@cloudflare/workers-types": "4.20241230.0",
1212
"@types/service-worker-mock": "2.0.4",
1313
"@whatwg-node/server": "0.9.65",
14-
"esbuild": "0.24.2",
14+
"esbuild": "0.25.0",
1515
"itty-router": "4.2.2",
1616
"toucan-js": "3.4.0",
1717
"undici": "6.21.1",

packages/services/cdn-worker/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@
2222
"@whatwg-node/server": "0.9.65",
2323
"bcryptjs": "2.4.3",
2424
"dotenv": "16.4.7",
25-
"esbuild": "0.24.2",
25+
"esbuild": "0.25.0",
2626
"fastify": "4.29.0",
2727
"graphql": "16.9.0",
2828
"itty-router": "4.2.2",

packages/web/app/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@
130130
"urql": "4.1.0",
131131
"use-debounce": "10.0.4",
132132
"valtio": "1.13.2",
133-
"vite": "6.0.11",
133+
"vite": "6.1.0",
134134
"vite-tsconfig-paths": "5.1.4",
135135
"wonka": "6.3.4",
136136
"yup": "1.6.1",

0 commit comments

Comments
 (0)