Skip to content

Commit 10f41a0

Browse files
gcmsgclaude
gcmsg
and
claude
committed
fix(deps): update hono to 4.12.7 to fix prototype pollution (CVE)
Resolves Dependabot alert #1: hono < 4.12.7 vulnerable to prototype pollution via __proto__ key in parseBody({ dot: true }). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 6660649 commit 10f41a0

File tree

2 files changed

+5
-3
lines changed

2 files changed

+5
-3
lines changed

web/app/package-lock.json

Lines changed: 4 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/app/package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
"eslint-plugin-react-hooks": "^7.0.1",
3535
"eslint-plugin-react-refresh": "^0.4.24",
3636
"globals": "^16.5.0",
37+
"hono": "^4.12.7",
3738
"shadcn": "^3.8.5",
3839
"tailwindcss": "^4.2.1",
3940
"tw-animate-css": "^1.4.0",

0 commit comments

Comments
 (0)