Bump dset dependency handling the CVE-2024-21529 (#3620)

enisdenjo · github-actions[bot] · web-flow · commit d24c5d58e05b · 2025-01-06T12:44:19.000+01:00
Co-authored-by: github-actions[bot] &lt;github-actions[bot]@users.noreply.github.com&gt;
diff --git a/.changeset/afraid-olives-attend.md b/.changeset/afraid-olives-attend.md
@@ -0,0 +1,7 @@
+---
+'graphql-yoga': patch
+---
+
+Bump dset dependency handling the CVE-2024-21529
+
+https://security.snyk.io/vuln/SNYK-JS-DSET-7116691
diff --git a/.changeset/graphql-yoga-3620-dependencies.md b/.changeset/graphql-yoga-3620-dependencies.md
@@ -0,0 +1,5 @@
+---
+"graphql-yoga": patch
+---
+dependencies updates:
+  - Updated dependency [`dset@^3.1.4` ↗︎](https://www.npmjs.com/package/dset/v/3.1.4) (from `^3.1.1`, in `dependencies`)
diff --git a/packages/graphql-yoga/package.json b/packages/graphql-yoga/package.json
@@ -57,7 +57,7 @@
     "@graphql-yoga/subscription": "workspace:^",
     "@whatwg-node/fetch": "^0.10.1",
     "@whatwg-node/server": "^0.9.64",
-    "dset": "^3.1.1",
+    "dset": "^3.1.4",
     "lru-cache": "^10.0.0",
     "tslib": "^2.8.1"
   },
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
