Commit df1e102

and

committed

fix: address tar CVE by removing electron samples from workspaces and overriding tar to ^7.5.3

- Remove ElectronSystemBrowserTestApp from msal-node-samples workspace glob (explicit list) - Remove extensions/samples/* wildcard (electron-webpack also used @electron-forge) - Add overrides.tar = ^7.5.3 to fix remaining tar@6.2.1 via @angular/cli 19 -> pacote chain (Angular CLI 19.x will not receive an official fix per angular/angular-cli#32324) - Regenerate package-lock.json: tar now resolves to 7.5.13 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

1 parent e35aafe commit df1e102Copy full SHA for df1e102

2 files changed

package-lock.json
package.json

Comments

(0)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit df1e102

File tree

0 commit comments