fix(deps): resolve 15 Dependabot security vulnerabilities
- undici: updated to fix WebSocket memory exhaustion, CRLF injection, HTTP smuggling, and 64-bit length overflow (10 alerts) - devalue: updated to fix prototype pollution in parse/unflatten (2 alerts) - serialize-javascript: override to >=7.0.3 fixes RCE via RegExp.flags (1 alert) - glib 0.18.5: unsound Iterator impls — upstream tauri dependency, cannot update without tauri releasing gtk-rs 0.22 support (1 alert, low risk) Resolves all npm vulnerabilities (0 remaining). 1 Rust advisory remains (glib, pinned by tauri gtk-rs dependency chain).
This commit is contained in:
Hibryda
parent
ec2fee256e
commit
6973c70c5a
2 changed files with 63 additions and 31 deletions
91
package-lock.json
generated
91
package-lock.json
generated
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
"name": "bterminal-v2",
|
||||
"name": "agents-orchestrator",
|
||||
"version": "0.1.0",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "bterminal-v2",
|
||||
"name": "agents-orchestrator",
|
||||
"version": "0.1.0",
|
||||
"dependencies": {
|
||||
"@anthropic-ai/claude-agent-sdk": "^0.2.70",
|
||||
|
|
@ -3207,17 +3207,17 @@
|
|||
}
|
||||
},
|
||||
"node_modules/@wdio/mocha-framework": {
|
||||
"version": "9.24.0",
|
||||
"resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-9.24.0.tgz",
|
||||
"integrity": "sha512-zzTfFk79Zx3qZgfbgpJ7o0euzgXIQSCzbfFPjgtEx8u7fvrhB8tbgf+EGPOEGPBOH/X1GvpAfDkhkgZ6roDR2Q==",
|
||||
"version": "9.26.1",
|
||||
"resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-9.26.1.tgz",
|
||||
"integrity": "sha512-/yxEziBCZgxGG2atM0CScSpBZbxy1AFK4m7Gw073i2xMxbWjL1UsXR6fre9Wmgc5bTso7b6kkKsNZYy2hNKXnw==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@types/mocha": "^10.0.6",
|
||||
"@types/node": "^20.11.28",
|
||||
"@wdio/logger": "9.18.0",
|
||||
"@wdio/types": "9.24.0",
|
||||
"@wdio/utils": "9.24.0",
|
||||
"@wdio/types": "9.26.1",
|
||||
"@wdio/utils": "9.26.1",
|
||||
"mocha": "^10.3.0"
|
||||
},
|
||||
"engines": {
|
||||
|
|
@ -3234,6 +3234,45 @@
|
|||
"undici-types": "~6.21.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@wdio/mocha-framework/node_modules/@wdio/types": {
|
||||
"version": "9.26.1",
|
||||
"resolved": "https://registry.npmjs.org/@wdio/types/-/types-9.26.1.tgz",
|
||||
"integrity": "sha512-U6JTbwVvDoSHBvFNuE6GbiW4fX0gl7wyrtJVsgv0vYkt4qzssVPFpE19ndBY1PZ59dLWU6llDEgyyTtIcXwSfQ==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@types/node": "^20.1.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=18.20.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@wdio/mocha-framework/node_modules/@wdio/utils": {
|
||||
"version": "9.26.1",
|
||||
"resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-9.26.1.tgz",
|
||||
"integrity": "sha512-EfXS438cLc54+XQFcFcbcTWLJ4VSEpjtEHQ/v3QFB+mbBezJUC15rf/zEG4fFjhP1ENAAmZZtjc/l6bGEFFk2A==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@puppeteer/browsers": "^2.2.0",
|
||||
"@wdio/logger": "9.18.0",
|
||||
"@wdio/types": "9.26.1",
|
||||
"decamelize": "^6.0.0",
|
||||
"deepmerge-ts": "^7.0.3",
|
||||
"edgedriver": "^6.1.2",
|
||||
"geckodriver": "^6.1.0",
|
||||
"get-port": "^7.0.0",
|
||||
"import-meta-resolve": "^4.0.0",
|
||||
"locate-app": "^2.2.24",
|
||||
"mitt": "^3.0.1",
|
||||
"safaridriver": "^1.0.0",
|
||||
"split2": "^4.2.0",
|
||||
"wait-port": "^1.1.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=18.20.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@wdio/mocha-framework/node_modules/undici-types": {
|
||||
"version": "6.21.0",
|
||||
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
|
||||
|
|
@ -4048,9 +4087,9 @@
|
|||
}
|
||||
},
|
||||
"node_modules/cheerio/node_modules/undici": {
|
||||
"version": "7.22.0",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-7.22.0.tgz",
|
||||
"integrity": "sha512-RqslV2Us5BrllB+JeiZnK4peryVTndy9Dnqq62S3yYRRTj0tFQCwEniUy2167skdGOy3vqRzEvl1Dm4sV2ReDg==",
|
||||
"version": "7.24.4",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-7.24.4.tgz",
|
||||
"integrity": "sha512-BM/JzwwaRXxrLdElV2Uo6cTLEjhSb3WXboncJamZ15NgUURmvlXvxa6xkwIOILIjPNo9i8ku136ZvWV0Uly8+w==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
|
|
@ -4532,9 +4571,9 @@
|
|||
}
|
||||
},
|
||||
"node_modules/devalue": {
|
||||
"version": "5.6.3",
|
||||
"resolved": "https://registry.npmjs.org/devalue/-/devalue-5.6.3.tgz",
|
||||
"integrity": "sha512-nc7XjUU/2Lb+SvEFVGcWLiKkzfw8+qHI7zn8WYXKkLMgfGSHbgCEaR6bJpev8Cm6Rmrb19Gfd/tZvGqx9is3wg==",
|
||||
"version": "5.6.4",
|
||||
"resolved": "https://registry.npmjs.org/devalue/-/devalue-5.6.4.tgz",
|
||||
"integrity": "sha512-Gp6rDldRsFh/7XuouDbxMH3Mx8GMCcgzIb1pDTvNyn8pZGQ22u+Wa+lGV9dQCltFQ7uVw0MhRyb8XDskNFOReA==",
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
|
|
@ -7552,16 +7591,6 @@
|
|||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/randombytes": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz",
|
||||
"integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"safe-buffer": "^5.1.0"
|
||||
}
|
||||
},
|
||||
"node_modules/react-is": {
|
||||
"version": "18.3.1",
|
||||
"resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz",
|
||||
|
|
@ -8050,13 +8079,13 @@
|
|||
}
|
||||
},
|
||||
"node_modules/serialize-javascript": {
|
||||
"version": "6.0.2",
|
||||
"resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.2.tgz",
|
||||
"integrity": "sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==",
|
||||
"version": "7.0.4",
|
||||
"resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-7.0.4.tgz",
|
||||
"integrity": "sha512-DuGdB+Po43Q5Jxwpzt1lhyFSYKryqoNjQSA9M92tyw0lyHIOur+XCalOUe0KTJpyqzT8+fQ5A0Jf7vCx/NKmIg==",
|
||||
"dev": true,
|
||||
"license": "BSD-3-Clause",
|
||||
"dependencies": {
|
||||
"randombytes": "^2.1.0"
|
||||
"engines": {
|
||||
"node": ">=20.0.0"
|
||||
}
|
||||
},
|
||||
"node_modules/setimmediate": {
|
||||
|
|
@ -8736,9 +8765,9 @@
|
|||
}
|
||||
},
|
||||
"node_modules/undici": {
|
||||
"version": "6.23.0",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
|
||||
"integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
|
||||
"version": "6.24.1",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
|
||||
"integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
|
|
|
|||
|
|
@ -34,6 +34,9 @@
|
|||
"vite": "^7.3.1",
|
||||
"vitest": "^4.0.18"
|
||||
},
|
||||
"overrides": {
|
||||
"serialize-javascript": ">=7.0.3"
|
||||
},
|
||||
"dependencies": {
|
||||
"@anthropic-ai/claude-agent-sdk": "^0.2.70",
|
||||
"@codemirror/lang-cpp": "^6.0.3",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue