Fix koa vulnerability - Update to 2.15.4 (#600)

brunojppb · tajo · web-flow · commit ce4d50936942 · 2025-03-19T18:07:25.000-07:00
* Update koa to fix vulnerability

* Update actions/upload to v4

* Generate changeset file

---------

Co-authored-by: Vojtech Miksu &lt;vojtech@miksu.cz&gt;
diff --git a/.changeset/spotty-wombats-look.md b/.changeset/spotty-wombats-look.md
@@ -0,0 +1,6 @@
+---
+"@ladle/react": patch
+---
+
+Update Koa to fix Vulnerability [CVE-2025-25200](https://nvd.nist.gov/vuln/detail/CVE-2025-25200)
+Update [actions/upload-artifact](https://github.com/actions/upload-artifact) from v3 to v4
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -56,6 +56,6 @@ jobs:
       - uses: actions/upload-artifact@v4
         if: always()
         with:
-          name: playwright-report
-          path: playwright-report/
+          name: playwright-report-${{ matrix.runs-on }}
+          path: playwright-report-${{ matrix.runs-on }}/
           retention-days: 30
diff --git a/packages/ladle/package.json b/packages/ladle/package.json
@@ -58,7 +58,7 @@
     "get-port": "^7.1.0",
     "globby": "^14.0.2",
     "history": "^5.3.0",
-    "koa": "^2.15.3",
+    "koa": "^2.15.4",
     "koa-connect": "^2.1.0",
     "lodash.merge": "^4.6.2",
     "msw": "^2.7.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
