fix(security): update all vulnerable dependencies

Resolutions: - `nano@^10.1.3`, - `msgpackr@^1.10.1`, - `axios@^1.6.7` Fixes: - [GHSA-wf5p-g6vw-rhxx](GHSA-wf5p-g6vw-rhxx) (`CVE-2023-45857`) - [GHSA-jchw-25xp-jwwc](GHSA-jchw-25xp-jwwc) (`CVE-2023-26159`) - [GHSA-7hpj-7hhx-2fgx](GHSA-7hpj-7hhx-2fgx) (`CVE-2023-52079`) Ref: nrwl/nx#20493 Ref: eclipse-theia/theia#13365 Signed-off-by: Akos Kitta <[email protected]>
arduino · Feb 8, 2024 · 5ec9d43 · 5ec9d43
1 parent 74c5801
commit 5ec9d43
Show file tree

Hide file tree

Showing 2 changed files with 553 additions and 327 deletions.
diff --git a/package.json b/package.json
@@ -10,7 +10,10 @@
     "node": ">=18.17.0 <21"
   },
   "resolutions": {
-    "@theia/cli/@babel/traverse": "^7.23.2"
+    "@theia/cli/@babel/traverse": "^7.23.2",
+    "@theia/cli/@theia/application-package/nano": "^10.1.3",
+    "**/@theia/core/msgpackr": "^1.10.1",
+    "nx/axios": "^1.6.7"
   },
   "devDependencies": {
     "@theia/cli": "1.41.0",
@@ -26,7 +29,7 @@
     "husky": "^6.0.0",
     "ignore-styles": "^5.0.1",
     "js-yaml": "4.1.0",
-    "lerna": "^7.1.4",
+    "lerna": "^8.1.2",
     "lint-staged": "^11.0.0",
     "node-fetch": "^2.6.1",
     "node-gyp": "^9.3.0",