Skip to content

Fix body-parser vulnerability by adding pnpm override#15

Merged
empeje merged 2 commits into
masterfrom
copilot/fix-pnpm-audit-level
Nov 27, 2025
Merged

Fix body-parser vulnerability by adding pnpm override#15
empeje merged 2 commits into
masterfrom
copilot/fix-pnpm-audit-level

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Nov 27, 2025
edited
Loading

CI security audit (pnpm audit --audit-level moderate) failing due to DoS vulnerability in body-parser@2.2.0, a transitive dependency via @modelcontextprotocol/sdk → express → body-parser.

Changes

  • Added pnpm override to force body-parser>=2.2.1 (patched version)
"pnpm": {
  "overrides": {
    "js-yaml": ">=4.1.1",
    "body-parser": ">=2.2.1"
  }
}
Original prompt

Fix: Run pnpm audit --audit-level moderate

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI self-assigned this Nov 27, 2025
@empeje
Fix body-parser vulnerability by adding pnpm override for >=2.2.1
6c46011 
Co-authored-by: empeje <11813607+empeje@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix pnpm audit to set audit level to moderate Fix body-parser vulnerability by adding pnpm override Nov 27, 2025
Copilot AI requested a review from empeje November 27, 2025 19:27
@empeje empeje marked this pull request as ready for review November 27, 2025 20:20
@empeje empeje merged commit 526cc32 into master Nov 27, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@empeje empeje Awaiting requested review from empeje

Assignees

@empeje empeje

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@empeje