From 5fbcf381c8b385d79798b5f56a87451900444be2 Mon Sep 17 00:00:00 2001 From: simeng-li Date: Thu, 31 Oct 2024 11:15:37 +0800 Subject: [PATCH] chore: override @75lb/deep-merge package version (#6725) override @75lb/deep-merge package version to address security issue --- package.json | 3 ++- pnpm-lock.yaml | 16 ++++++---------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index 93fe348a5..1a725f6b6 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,8 @@ "overrides": { "formidable@<3.2.4": "^3.2.4", "d3-color@2.0.0": "^3.1.0", - "braces@<3.0.3": "^3.0.3" + "braces@<3.0.3": "^3.0.3", + "@75lb/deep-merge@<1.1.2": "^1.1.2" }, "peerDependencyRules": { "allowedVersions": { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 8e8d87130..115bc9f64 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -8,6 +8,7 @@ overrides: formidable@<3.2.4: ^3.2.4 d3-color@2.0.0: ^3.1.0 braces@<3.0.3: ^3.0.3 + '@75lb/deep-merge@<1.1.2': ^1.1.2 importers: @@ -4454,8 +4455,8 @@ importers: packages: - '@75lb/deep-merge@1.1.1': - resolution: {integrity: sha512-xvgv6pkMGBA6GwdyJbNAnDmfAIR/DfWhrj9jgWh3TY7gRm3KO46x/GPjRg6wJ0nOepwqrNxFfojebh0Df4h4Tw==} + '@75lb/deep-merge@1.1.2': + resolution: {integrity: sha512-08K9ou5VNbheZFxM5tDWoqjA3ImC50DiuuJ2tj1yEPRfkp8lLLg6XAaJ4On+a0yAXor/8ay5gHnAIshRM44Kpw==} engines: {node: '>=12.17'} '@aashutoshrathi/word-wrap@1.2.6': @@ -10769,9 +10770,6 @@ packages: lodash-es@4.17.21: resolution: {integrity: sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==} - lodash.assignwith@4.2.0: - resolution: {integrity: sha512-ZznplvbvtjK2gMvnQ1BR/zqPFZmS6jbK4p+6Up4xcRYA7yMIwxHCfbTcrYxXKzzqLsQ05eJPVznEW3tuwV7k1g==} - lodash.camelcase@4.3.0: resolution: {integrity: sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==} @@ -14006,9 +14004,9 @@ packages: snapshots: - '@75lb/deep-merge@1.1.1': + '@75lb/deep-merge@1.1.2': dependencies: - lodash.assignwith: 4.2.0 + lodash: 4.17.21 typical: 7.1.1 '@aashutoshrathi/word-wrap@1.2.6': {} @@ -22309,8 +22307,6 @@ snapshots: lodash-es@4.17.21: {} - lodash.assignwith@4.2.0: {} - lodash.camelcase@4.3.0: {} lodash.get@4.4.2: {} @@ -25301,7 +25297,7 @@ snapshots: table-layout@3.0.2: dependencies: - '@75lb/deep-merge': 1.1.1 + '@75lb/deep-merge': 1.1.2 array-back: 6.2.2 command-line-args: 5.2.1 command-line-usage: 7.0.2