Skip to content

fix: mise à jour forcée de cookie pour cause de vulnérabilité #525

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ggounot merged 1 commit into from
Sep 4, 2025
Merged

fix: mise à jour forcée de cookie pour cause de vulnérabilité #525

ggounot merged 1 commit into from
Sep 4, 2025

Conversation

@ggounot
Copy link
Contributor

@ggounot ggounot commented Sep 4, 2025
edited
Loading

Concerne l'alerte de sécurité https://github.com/gip-inclusion/dora/security/dependabot/2

On doit forcer la mise à jour (override) car SvelteKit de peut pas se permettre de mettre à jour cookie avant sa version v3 car la version 0.7.0 de cookie comporte un breaking change. Celui-ci ne nous concerne pas et on peut donc forcer la mise à jour et ainsi éliminer la vulnérabilité et l'alerte de sécurité.

Voir : sveltejs/kit#12767

@ggounot
fix: mise à jour forcée de cookie pour cause de vulnérabilité
921c605 
On doit la forcer (override) car il est impossibilité pour SvelteKit de mettre à jour cookie avant la v3. La version 0.7.0 contient un breaking change mais qui ne nous concerne pas.

Voir : sveltejs/kit#12767
@ggounot ggounot requested a review from dmc1985 September 4, 2025 13:54
@ggounot ggounot merged commit df94143 into main Sep 4, 2025
7 checks passed
@ggounot ggounot deleted the fix/override-cookie-upgrade branch September 4, 2025 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dmc1985 dmc1985 dmc1985 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ggounot @dmc1985