From b1bc3d112332721383acf5804d2e7443fa55d1c5 Mon Sep 17 00:00:00 2001 From: Darcy Ye Date: Thu, 25 Sep 2025 17:33:48 +0800 Subject: [PATCH] chore: fix vulnerabilities --- package.json | 7 ++++++- pnpm-lock.yaml | 47 ++++++++++++++++++++++++++--------------------- 2 files changed, 32 insertions(+), 22 deletions(-) diff --git a/package.json b/package.json index c2d6ed9..d3de6c3 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,12 @@ "vite@>=5.0.0 <5.4.12": "^5.4.12", "ws@>=6.0.0 <6.2.3": "^6.2.3", "ws@>=7.0.0 <7.5.10": "^7.5.10", - "form-data@>=3.0.0 <3.0.4": "^3.0.4" + "form-data@>=3.0.0 <3.0.4": "^3.0.4", + "vite@>=5.0.0 <=5.4.18": "^5.4.19", + "brace-expansion@>=1.0.0 <=1.1.11": "^1.1.12", + "brace-expansion@>=2.0.0 <=2.0.1": "^2.0.2", + "on-headers@<1.1.0": "^1.1.0", + "vite@<=5.4.19": "^5.4.20" } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 2c01605..fb2162a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -16,6 +16,11 @@ overrides: ws@>=6.0.0 <6.2.3: ^6.2.3 ws@>=7.0.0 <7.5.10: ^7.5.10 form-data@>=3.0.0 <3.0.4: ^3.0.4 + vite@>=5.0.0 <=5.4.18: ^5.4.19 + brace-expansion@>=1.0.0 <=1.1.11: ^1.1.12 + brace-expansion@>=2.0.0 <=2.0.1: ^2.0.2 + on-headers@<1.1.0: ^1.1.0 + vite@<=5.4.19: ^5.4.20 importers: @@ -1828,7 +1833,7 @@ packages: resolution: {integrity: sha512-kOtd6K2lc7SQ0mBqYv/wdGedlqPdM/B38paPY+OwJ1XiNi44w3Fpog82UfOibmHaV9Wod18A09I9SCKLyDMqgw==} peerDependencies: msw: ^2.4.9 - vite: ^5.4.12 + vite: ^5.4.20 peerDependenciesMeta: msw: optional: true @@ -2136,11 +2141,11 @@ packages: resolution: {integrity: sha512-apC2+fspHGI3mMKj+dGevkGo/tCqVB8jMb6i+OX+E29p0Iposz07fABkRIfVUPNd5A5VbuOz1bZbnmkKLYF+wQ==} engines: {node: '>= 5.10.0'} - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} + brace-expansion@1.1.12: + resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==} - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} + brace-expansion@2.0.2: + resolution: {integrity: sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==} braces@3.0.3: resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} @@ -4360,8 +4365,8 @@ packages: resolution: {integrity: sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==} engines: {node: '>= 0.8'} - on-headers@1.0.2: - resolution: {integrity: sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==} + on-headers@1.1.0: + resolution: {integrity: sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==} engines: {node: '>= 0.8'} once@1.4.0: @@ -5537,8 +5542,8 @@ packages: engines: {node: ^18.0.0 || ^20.0.0 || >=22.0.0} hasBin: true - vite@5.4.18: - resolution: {integrity: sha512-1oDcnEp3lVyHCuQ2YFelM4Alm2o91xNoMncRm1U7S+JdYfYOvbiGZ3/CxGttrOu2M/KcGz7cRC2DoNUA6urmMA==} + vite@5.4.20: + resolution: {integrity: sha512-j3lYzGC3P+B5Yfy/pfKNgVEg4+UtcIJcVRt2cDjIOmhLourAqPqf8P7acgxeiSgUB7E3p2P8/3gNIgDLpwzs4g==} engines: {node: ^18.0.0 || >=20.0.0} hasBin: true peerDependencies: @@ -7937,13 +7942,13 @@ snapshots: chai: 5.2.0 tinyrainbow: 2.0.0 - '@vitest/mocker@3.1.2(vite@5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0))': + '@vitest/mocker@3.1.2(vite@5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0))': dependencies: '@vitest/spy': 3.1.2 estree-walker: 3.0.3 magic-string: 0.30.17 optionalDependencies: - vite: 5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) + vite: 5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) '@vitest/pretty-format@3.1.2': dependencies: @@ -8298,12 +8303,12 @@ snapshots: dependencies: big-integer: 1.6.52 - brace-expansion@1.1.11: + brace-expansion@1.1.12: dependencies: balanced-match: 1.0.2 concat-map: 0.0.1 - brace-expansion@2.0.1: + brace-expansion@2.0.2: dependencies: balanced-match: 1.0.2 @@ -8548,7 +8553,7 @@ snapshots: compressible: 2.0.18 debug: 2.6.9 negotiator: 0.6.4 - on-headers: 1.0.2 + on-headers: 1.1.0 safe-buffer: 5.2.1 vary: 1.1.2 transitivePeerDependencies: @@ -10741,11 +10746,11 @@ snapshots: minimatch@3.1.2: dependencies: - brace-expansion: 1.1.11 + brace-expansion: 1.1.12 minimatch@9.0.5: dependencies: - brace-expansion: 2.0.1 + brace-expansion: 2.0.2 minimist-options@4.1.0: dependencies: @@ -10915,7 +10920,7 @@ snapshots: dependencies: ee-first: 1.1.1 - on-headers@1.0.2: {} + on-headers@1.1.0: {} once@1.4.0: dependencies: @@ -12347,7 +12352,7 @@ snapshots: debug: 4.4.0 es-module-lexer: 1.7.0 pathe: 2.0.3 - vite: 5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) + vite: 5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) transitivePeerDependencies: - '@types/node' - less @@ -12359,7 +12364,7 @@ snapshots: - supports-color - terser - vite@5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0): + vite@5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0): dependencies: esbuild: 0.25.3 postcss: 8.5.3 @@ -12373,7 +12378,7 @@ snapshots: vitest@3.1.2(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0): dependencies: '@vitest/expect': 3.1.2 - '@vitest/mocker': 3.1.2(vite@5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0)) + '@vitest/mocker': 3.1.2(vite@5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0)) '@vitest/pretty-format': 3.1.2 '@vitest/runner': 3.1.2 '@vitest/snapshot': 3.1.2 @@ -12390,7 +12395,7 @@ snapshots: tinyglobby: 0.2.13 tinypool: 1.0.2 tinyrainbow: 2.0.0 - vite: 5.4.18(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) + vite: 5.4.20(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) vite-node: 3.1.2(@types/node@22.14.1)(lightningcss@1.27.0)(terser@5.39.0) why-is-node-running: 2.3.0 optionalDependencies: