Skip to content

Commit 8cb310f

Browse files
fix(dependabot): force hds-react cookie to v0.7.2 to fix depbot issue 28
refs HCRC-156
1 parent 42ae9f9 commit 8cb310f

2 files changed

Lines changed: 15 additions & 4 deletions

File tree

package.json

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,17 @@
6060
"optional": true
6161
}
6262
},
63+
"//": {
64+
"Why are packages in resolutions?": {
65+
"hds-react/cookie": [
66+
"To fix https://github.com/City-of-Helsinki/react-helsinki-headless-cms/security/dependabot/28",
67+
"NOTE: This can be removed if hds-react starts to depend on >=v1 cookie"
68+
]
69+
}
70+
},
71+
"resolutions": {
72+
"hds-react/cookie": "^0.7.2"
73+
},
6374
"devDependencies": {
6475
"@apollo/client": "^3.14.0",
6576
"@babel/core": "^7.28.5",

yarn.lock

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -5550,10 +5550,10 @@ convert-source-map@^2.0.0:
55505550
resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-2.0.0.tgz#4b560f649fc4e918dd0ab75cf4961e8bc882d82a"
55515551
integrity sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==
55525552

5553-
cookie@^0.4.1:
5554-
version "0.4.2"
5555-
resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.2.tgz#0e41f24de5ecf317947c82fc789e06a884824432"
5556-
integrity sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==
5553+
cookie@^0.4.1, cookie@^0.7.2:
5554+
version "0.7.2"
5555+
resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.2.tgz#556369c472a2ba910f2979891b526b3436237ed7"
5556+
integrity sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==
55575557

55585558
cookie@^1.0.2:
55595559
version "1.1.1"

0 commit comments

Comments
 (0)