Commit 9076be0

authored

chore(deps): bump dependencies to handle vulnerabilities (#7786)

# Motivation ``` # npm audit report devalue <=5.6.3 Severity: moderate devalue has prototype pollution in devalue.parse and devalue.unflatten - GHSA-cfw5-2vxh-hr84 Sveltejs devalue's `devalue.parse` and `devalue.unflatten` emit objects with `__proto__` own properties - GHSA-mwv9-gp5h-frr4 fix available via `npm audit fix` node_modules/devalue dompurify 3.1.3 - 3.3.1 Severity: moderate DOMPurify contains a Cross-site Scripting vulnerability - GHSA-v2wj-7wpq-c8vv fix available via `npm audit fix` node_modules/dompurify flatted <3.4.0 Severity: high flatted vulnerable to unbounded recursion DoS in parse() revive phase - GHSA-25h7-pfq9-p65f fix available via `npm audit fix` node_modules/flatted 3 vulnerabilities (2 moderate, 1 high) To address all issues, run: npm audit fix ``` # Changes - Ran `npm audit fix` # Tests - CI green # Todos - [x] Accessibility (a11y) – any impact? - [x] Changelog – is it needed?

1 parent 87b1061 commit 9076be0Copy full SHA for 9076be0

1 file changed

+9

-9

lines changed

frontend
- package-lock.json

1 file changed

+9

-9

lines changed

`‎frontend/package-lock.json‎`

Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Comments

(0)