Skip to content

chore(deps)(deps): bump @docusaurus/core from 3.5.2 to 3.9.2 #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from

chore(deps)(deps): bump @docusaurus/core from 3.5.2 to 3.9.2

c4a8246
Select commit
Loading
Failed to load commit list.
Open

chore(deps)(deps): bump @docusaurus/core from 3.5.2 to 3.9.2 #82

chore(deps)(deps): bump @docusaurus/core from 3.5.2 to 3.9.2
c4a8246
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Trivy failed Oct 20, 2025 in 2s

8 new alerts including 1 critical severity security vulnerability

New alerts in code changed by this pull request

Security Alerts:

  • 1 critical
  • 5 medium
  • 2 low

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 10442 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling Medium

Package: dompurify
Installed Version: 3.1.6
Vulnerability CVE-2025-26791
Severity: MEDIUM
Fixed Version: 3.2.4
Link: CVE-2025-26791

Check failure on line 10558 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Critical

Package: elliptic
Installed Version: 6.5.7
Vulnerability GHSA-vjh7-7g9h-fjfh
Severity: CRITICAL
Fixed Version: 6.6.1
Link: GHSA-vjh7-7g9h-fjfh

Check warning on line 10558 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

elliptic: ECDSA signature verification error may reject legitimate transactions Medium

Package: elliptic
Installed Version: 6.5.7
Vulnerability CVE-2024-48948
Severity: LOW
Fixed Version: 6.6.0
Link: CVE-2024-48948

Check notice on line 11617 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

fast-redact: fast-redact prototype pollution Low

Package: fast-redact
Installed Version: 3.5.0
Vulnerability CVE-2025-57319
Severity: LOW
Fixed Version:
Link: CVE-2025-57319

Check warning on line 16256 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

Mermaid improperly sanitizes sequence diagram labels leading to XSS Medium

Package: mermaid
Installed Version: 10.9.3
Vulnerability CVE-2025-54881
Severity: MEDIUM
Fixed Version: 11.10.0, 10.9.4
Link: CVE-2025-54881

Check notice on line 18003 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

on-headers: on-headers vulnerable to http response header manipulation Low

Package: on-headers
Installed Version: 1.0.2
Vulnerability CVE-2025-7339
Severity: LOW
Fixed Version: 1.1.0
Link: CVE-2025-7339

Check warning on line 23532 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

webpack-dev-server: webpack-dev-server information exposure Medium

Package: webpack-dev-server
Installed Version: 4.15.2
Vulnerability CVE-2025-30359
Severity: MEDIUM
Fixed Version: 5.2.1
Link: CVE-2025-30359

Check warning on line 23532 in yarn.lock

See this annotation in the file changed.

Code scanning / Trivy

webpack-dev-server: webpack-dev-server information exposure Medium

Package: webpack-dev-server
Installed Version: 4.15.2
Vulnerability CVE-2025-30360
Severity: MEDIUM
Fixed Version: 5.2.1
Link: CVE-2025-30360