From 85720ad190a2aaaed44567d93841a68c070dd7b9 Mon Sep 17 00:00:00 2001 From: Nithin Kumar B Date: Tue, 9 Sep 2025 13:55:55 +0530 Subject: [PATCH 1/3] fix: prevent vulnerable peer deps --- package.json | 20 +++++++++++++++++++- pnpm-lock.yaml | 43 +++++++++++++++++++++++++------------------ 2 files changed, 44 insertions(+), 19 deletions(-) diff --git a/package.json b/package.json index f1dfa02456..a65760039e 100644 --- a/package.json +++ b/package.json @@ -70,7 +70,25 @@ "graphql": "16.9.0", "cross-spawn": "7.0.6", "next": "15.2.4", - "zod": "3.24.2" + "zod": "3.24.2", + "chalk": "<=5.5.0", + "debug": "<=4.4.1", + "ansi-styles": "<=6.2.1", + "strip-ansi": "<=7.1.0", + "supports-color": "<=10.2.0", + "ansi-regex": "<=6.2.0", + "wrap-ansi": "<=9.0.0", + "color-convert": "<=3.1.0", + "color-name": "<=2.0.0", + "is-arrayish": "<=0.3.2", + "slice-ansi": "<=7.1.0", + "color": "<=5.0.0", + "color-string": "<=2.1.0", + "simple-swizzle": "<=0.2.2", + "supports-hyperlinks": "<=4.1.0", + "has-ansi": "<=6.0.0", + "chalk-template": "<=1.1.0", + "backslash": "<=0.2.0" }, "patchedDependencies": { "graphql@16.9.0": "patches/graphql@16.9.0.patch" diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f417a71e93..c8829fef7c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -10,6 +10,24 @@ overrides: cross-spawn: 7.0.6 next: 15.2.4 zod: 3.24.2 + chalk: <=5.5.0 + debug: <=4.4.1 + ansi-styles: <=6.2.1 + strip-ansi: <=7.1.0 + supports-color: <=10.2.0 + ansi-regex: <=6.2.0 + wrap-ansi: <=9.0.0 + color-convert: <=3.1.0 + color-name: <=2.0.0 + is-arrayish: <=0.3.2 + slice-ansi: <=7.1.0 + color: <=5.0.0 + color-string: <=2.1.0 + simple-swizzle: <=0.2.2 + supports-hyperlinks: <=4.1.0 + has-ansi: <=6.0.0 + chalk-template: <=1.1.0 + backslash: <=0.2.0 patchedDependencies: graphql@16.9.0: @@ -22485,7 +22503,7 @@ snapshots: bun-types@1.2.12: dependencies: - '@types/node': 18.19.122 + '@types/node': 20.12.12 optional: true bun-types@1.2.3: @@ -23895,7 +23913,7 @@ snapshots: eslint: 8.57.1 eslint-import-resolver-node: 0.3.7 eslint-import-resolver-typescript: 3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1) - eslint-plugin-import: 2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1) + eslint-plugin-import: 2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1) eslint-plugin-jsx-a11y: 6.7.1(eslint@8.57.1) eslint-plugin-react: 7.33.0(eslint@8.57.1) eslint-plugin-react-hooks: 4.6.0(eslint@8.57.1) @@ -23948,8 +23966,8 @@ snapshots: debug: 4.3.4 enhanced-resolve: 5.15.0 eslint: 8.57.1 - eslint-module-utils: 2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1) - eslint-plugin-import: 2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1) + eslint-module-utils: 2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1) + eslint-plugin-import: 2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1) get-tsconfig: 4.7.2 globby: 13.2.2 is-core-module: 2.12.1 @@ -23979,17 +23997,6 @@ snapshots: - eslint-import-resolver-webpack - supports-color - eslint-module-utils@2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1): - dependencies: - debug: 3.2.7 - optionalDependencies: - '@typescript-eslint/parser': 5.62.0(eslint@8.57.1)(typescript@5.5.2) - eslint: 8.57.1 - eslint-import-resolver-node: 0.3.7 - eslint-import-resolver-typescript: 3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1) - transitivePeerDependencies: - - supports-color - eslint-module-utils@2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1): dependencies: debug: 3.2.7 @@ -24024,7 +24031,7 @@ snapshots: eslint-utils: 2.1.0 regexpp: 3.2.0 - eslint-plugin-import@2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1): + eslint-plugin-import@2.27.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1): dependencies: array-includes: 3.1.6 array.prototype.flat: 1.3.1 @@ -24033,7 +24040,7 @@ snapshots: doctrine: 2.1.0 eslint: 8.57.1 eslint-import-resolver-node: 0.3.7 - eslint-module-utils: 2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-plugin-import@2.27.5(eslint@8.57.1))(eslint@8.57.1))(eslint@8.57.1) + eslint-module-utils: 2.8.0(@typescript-eslint/parser@5.62.0(eslint@8.57.1)(typescript@5.5.2))(eslint-import-resolver-node@0.3.7)(eslint-import-resolver-typescript@3.5.5)(eslint@8.57.1) has: 1.0.3 is-core-module: 2.12.1 is-glob: 4.0.3 @@ -25591,7 +25598,7 @@ snapshots: jest-worker@27.5.1: dependencies: - '@types/node': 20.3.1 + '@types/node': 20.12.12 merge-stream: 2.0.0 supports-color: 8.1.1 From 3c32e69fbd28fa5fb083d06aa44052021df9e3d8 Mon Sep 17 00:00:00 2001 From: Nithin Kumar B Date: Tue, 9 Sep 2025 13:59:43 +0530 Subject: [PATCH 2/3] improve --- package.json | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/package.json b/package.json index a65760039e..1f8f479327 100644 --- a/package.json +++ b/package.json @@ -71,24 +71,24 @@ "cross-spawn": "7.0.6", "next": "15.2.4", "zod": "3.24.2", - "chalk": "<=5.5.0", - "debug": "<=4.4.1", - "ansi-styles": "<=6.2.1", - "strip-ansi": "<=7.1.0", - "supports-color": "<=10.2.0", - "ansi-regex": "<=6.2.0", - "wrap-ansi": "<=9.0.0", - "color-convert": "<=3.1.0", - "color-name": "<=2.0.0", - "is-arrayish": "<=0.3.2", - "slice-ansi": "<=7.1.0", - "color": "<=5.0.0", - "color-string": "<=2.1.0", - "simple-swizzle": "<=0.2.2", - "supports-hyperlinks": "<=4.1.0", - "has-ansi": "<=6.0.0", - "chalk-template": "<=1.1.0", - "backslash": "<=0.2.0" + "chalk": "<5.6.1", + "debug": "<4.4.2", + "ansi-styles": "<6.2.2", + "strip-ansi": "<7.1.1", + "supports-color": "<10.2.1", + "ansi-regex": "<6.2.1", + "wrap-ansi": "<9.0.1", + "color-convert": "<3.1.1", + "color-name": "<2.0.1", + "is-arrayish": "<0.3.3", + "slice-ansi": "<7.1.1", + "color": "<5.0.1", + "color-string": "<2.1.1", + "simple-swizzle": "<0.2.3", + "supports-hyperlinks": "<4.1.1", + "has-ansi": "<6.0.1", + "chalk-template": "<1.1.1", + "backslash": "<0.2.1" }, "patchedDependencies": { "graphql@16.9.0": "patches/graphql@16.9.0.patch" From e250d65b9de2213d6e8a1e6a242834f7e0136045 Mon Sep 17 00:00:00 2001 From: Nithin Kumar B Date: Tue, 9 Sep 2025 14:07:39 +0530 Subject: [PATCH 3/3] update lockfile --- pnpm-lock.yaml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c8829fef7c..b3c2948471 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -10,24 +10,24 @@ overrides: cross-spawn: 7.0.6 next: 15.2.4 zod: 3.24.2 - chalk: <=5.5.0 - debug: <=4.4.1 - ansi-styles: <=6.2.1 - strip-ansi: <=7.1.0 - supports-color: <=10.2.0 - ansi-regex: <=6.2.0 - wrap-ansi: <=9.0.0 - color-convert: <=3.1.0 - color-name: <=2.0.0 - is-arrayish: <=0.3.2 - slice-ansi: <=7.1.0 - color: <=5.0.0 - color-string: <=2.1.0 - simple-swizzle: <=0.2.2 - supports-hyperlinks: <=4.1.0 - has-ansi: <=6.0.0 - chalk-template: <=1.1.0 - backslash: <=0.2.0 + chalk: <5.6.1 + debug: <4.4.2 + ansi-styles: <6.2.2 + strip-ansi: <7.1.1 + supports-color: <10.2.1 + ansi-regex: <6.2.1 + wrap-ansi: <9.0.1 + color-convert: <3.1.1 + color-name: <2.0.1 + is-arrayish: <0.3.3 + slice-ansi: <7.1.1 + color: <5.0.1 + color-string: <2.1.1 + simple-swizzle: <0.2.3 + supports-hyperlinks: <4.1.1 + has-ansi: <6.0.1 + chalk-template: <1.1.1 + backslash: <0.2.1 patchedDependencies: graphql@16.9.0: