Skip to content

Commit f3e1c1c

Browse files
mergify[bot]hl662
andauthored
Add GHSA-5c6j-r48x-rmvq override (backport #9046) [release/4.11.x] (#9049)
Co-authored-by: Nam Le <50554904+hl662@users.noreply.github.com>
1 parent 3ffc4c6 commit f3e1c1c

3 files changed

Lines changed: 10 additions & 19 deletions

File tree

.github/workflows/extract-api.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131
- name: Setup node
3232
uses: actions/setup-node@v4
3333
with:
34-
node-version: "18"
34+
node-version: "22"
3535

3636
- name: Rush install
3737
run: node common/scripts/install-run-rush.js install

common/config/rush/pnpm-config.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,8 @@
1818
"minimatch@>=5.0.0 <5.1.8": "^5.1.8", // https://github.com/advisories/GHSA-7r86-cg39-jmmj and https://github.com/advisories/GHSA-23c5-xmqv-rm74
1919
"minimatch@>=9.0.0 <9.0.7": "^9.0.7", // https://github.com/advisories/GHSA-7r86-cg39-jmmj and https://github.com/advisories/GHSA-23c5-xmqv-rm74
2020
"glob@>=11.0.0 <11.1.0": "^11.1.0", // https://github.com/advisories/GHSA-5j98-mcp5-4vw2 cpx2>glob
21-
"axios": "^1.13.5" // https://github.com/advisories/GHSA-43fc-jf86-j433
21+
"axios": "^1.13.5", // https://github.com/advisories/GHSA-43fc-jf86-j433
22+
"serialize-javascript": "^7.0.3" // https://github.com/advisories/GHSA-5c6j-r48x-rmvq mocha>serialize-javascript (related to CVE-2020-7660)
2223
},
2324
// A list of temporary advisories excluded from the High and Critical list.
2425
// Warning this should only be used as a temporary measure to avoid build failures

common/config/rush/pnpm-lock.yaml

Lines changed: 7 additions & 17 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)