
Commit ac09c57

fix: patch transitive dep CVEs in nextjs-frontend via yarn resolutions (#285)
Pin brace-expansion >=1.1.13 (CVE-2026-33750, CVE-2025-5889), @eslint/plugin-kit >=0.3.4 (GHSA-xffm-g5w8-qvg7), and ajv >=6.14.0 (CVE-2025-69873) to their patched versions. All four advisories now clear; yarn audit reports 0 vulnerabilities. https://claude.ai/code/session_01SBgjmJodHCRpFysr7ss1Dn Signed-off-by: Jack Luar <jluar@precisioninno.com>
1 parent f012e20 commit ac09c57

2 files changed

Lines changed: 48 additions & 65 deletions


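--- a/frontend/nextjs-frontend/package.json
+++ b/frontend/nextjs-frontend/package.json
@@ -42,6 +42,9 @@
 "extends": "next"
 },
 "resolutions": {
-"postcss": "^8.5.10"
+"postcss": "^8.5.10",
+"brace-expansion": ">=1.1.13",
+"@eslint/plugin-kit": ">=0.3.4",
+"ajv": ">=6.14.0"
 }
 }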
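Review bot: The three new `resolutions` entries use open-ended `>=` ranges, so Yarn forces every consumer onto whatever the newest release is, across major versions. The yarn.lock section of this commit shows the result: `ajv@^6.12.4` now resolves to 8.20.0, `brace-expansion@^1.1.7` and `brace-expansion@^2.0.2` both resolve to 5.0.6, and `@eslint/plugin-kit@^0.2.5` resolves to 0.7.2, none of which fall inside the ranges the dependents declared. That clears the audit, but it likely hands the lint toolchain packages with a different API than it was written against (the ajv 6 to 8 jump in particular), and the unbounded range can float again whenever the lockfile is regenerated. I would cap each entry at the patched release within the major its consumer expects, for example `"ajv": "^6.14.0"`, and handle the 1.x and 2.x consumers of brace-expansion with separate bounded resolutions rather than one global range. Lint and build should be re-run against the resulting lockfile before relying on the audit result.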

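--- a/frontend/nextjs-frontend/yarn.lock
+++ b/frontend/nextjs-frontend/yarn.lock
@@ -40,20 +40,20 @@
 debug "^4.3.1"
 minimatch "^3.1.2"
 
-"@eslint/core@^0.10.0":
-version "0.10.0"
-resolved "https://registry.npmjs.org/@eslint/core/-/core-0.10.0.tgz"
-integrity sha512-gFHJ+xBOo4G3WRlR1e/3G8A6/KZAH6zcE/hkLRCZTi/B9avAG365QhFA8uOGzTMqgTghpn7/fSnscW++dpMSAw==
-dependencies:
-"@types/json-schema" "^7.0.15"
-
 "@eslint/core@^0.11.0":
 version "0.11.0"
 resolved "https://registry.npmjs.org/@eslint/core/-/core-0.11.0.tgz"
 integrity sha512-DWUB2pksgNEb6Bz2fggIy1wh6fGgZP4Xyy/Mt0QZPiloKKXerbqq9D3SBQTlCRYOrcRPu4vuz+CGjwdfqxnoWA==
 dependencies:
 "@types/json-schema" "^7.0.15"
 
+"@eslint/core@^1.2.1":
+version "1.2.1"
+resolved "https://registry.yarnpkg.com/@eslint/core/-/core-1.2.1.tgz#c1da7cd1b82fa8787f98b5629fb811848a1b63ce"
+integrity sha512-MwcE1P+AZ4C6DWlpin/OmOA54mmIZ/+xZuJiQd4SyB29oAJjN30UW9wkKNptW2ctp4cEsvhlLY/CsQ1uoHDloQ==
+dependencies:
+"@types/json-schema" "^7.0.15"
+
 "@eslint/eslintrc@^3.2.0":
 version "3.2.0"
 resolved "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz"
@@ -79,12 +79,12 @@
 resolved "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.6.tgz"
 integrity sha512-RBMg5FRL0I0gs51M/guSAj5/e14VQ4tpZnQNWwuDT66P14I43ItmPfIZRhO9fUVIPOAQXU47atlywZ/czoqFPA==
 
-"@eslint/plugin-kit@^0.2.5":
-version "0.2.5"
-resolved "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.5.tgz"
-integrity sha512-lB05FkqEdUg2AA0xEbUz0SnkXT1LcCTa438W4IWTUh4hdOnVbQyOJ81OrDXsJk/LSiJHubgGEFoR5EHq1NsH1A==
+"@eslint/plugin-kit@>=0.3.4", "@eslint/plugin-kit@^0.2.5":
+version "0.7.2"
+resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.7.2.tgz#4b0962f3f2c7ce8bc98b3ecfe34525c09d2cb729"
+integrity sha512-+CNAzxglkrpNf/kKywqQfk74QjtceuOE7Qm+AF8miRvPF/wmmK5+OJOgVh3AVTT3RP2mH3+FOaxlE5v72owk0A==
 dependencies:
-"@eslint/core" "^0.10.0"
+"@eslint/core" "^1.2.1"
 levn "^0.4.1"
 
 "@heroicons/react@^2.2.0":
@@ -645,15 +645,15 @@ acorn@^8.14.0:
 resolved "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz"
 integrity sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==
 
-ajv@^6.12.4:
-version "6.12.6"
-resolved "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz"
-integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==
+ajv@>=6.14.0, ajv@^6.12.4:
+version "8.20.0"
+resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.20.0.tgz#304b3636add88ba7d936760dd50ece006dea95f9"
+integrity sha512-Thbli+OlOj+iMPYFBVBfJ3OmCAnaSyNn4M1vz9T6Gka5Jt9ba/HIR56joy65tY6kx/FCF5VXNB819Y7/GUrBGA==
 dependencies:
-fast-deep-equal "^3.1.1"
-fast-json-stable-stringify "^2.0.0"
-json-schema-traverse "^0.4.1"
-uri-js "^4.2.2"
+fast-deep-equal "^3.1.3"
+fast-uri "^3.0.1"
+json-schema-traverse "^1.0.0"
+require-from-string "^2.0.2"
 
 ansi-styles@^4.1.0:
 version "4.3.0"
@@ -804,30 +804,22 @@ bail@^2.0.0:
 resolved "https://registry.npmjs.org/bail/-/bail-2.0.2.tgz"
 integrity sha512-0xO6mYd7JB2YesxDKplafRpsiOzPt9V02ddPCLbY1xYGPOX24NTyN50qnUxgCPcSoYMhKpAuBTjQoRZCAkUDRw==
 
-balanced-match@^1.0.0:
-version "1.0.2"
-resolved "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz"
-integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==
+balanced-match@^4.0.2:
+version "4.0.4"
+resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-4.0.4.tgz#bfb10662feed8196a2c62e7c68e17720c274179a"
+integrity sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==
 
 baseline-browser-mapping@^2.9.19:
 version "2.10.8"
 resolved "https://registry.yarnpkg.com/baseline-browser-mapping/-/baseline-browser-mapping-2.10.8.tgz#23d1cea1a85b181c2b8660b6cfe626dc2fb15630"
 integrity sha512-PCLz/LXGBsNTErbtB6i5u4eLpHeMfi93aUv5duMmj6caNu6IphS4q6UevDnL36sZQv9lrP11dbPKGMaXPwMKfQ==
 
-brace-expansion@^1.1.7:
-version "1.1.11"
-resolved "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz"
-integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
-dependencies:
-balanced-match "^1.0.0"
-concat-map "0.0.1"
-
-brace-expansion@^2.0.2:
-version "2.0.2"
-resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.2.tgz#54fc53237a613d854c7bd37463aad17df87214e7"
-integrity sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==
+brace-expansion@>=1.1.13, brace-expansion@^1.1.7, brace-expansion@^2.0.2:
+version "5.0.6"
+resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-5.0.6.tgz#ec68fe0a641a29d8711579caf641d05bae1f2285"
+integrity sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==
 dependencies:
-balanced-match "^1.0.0"
+balanced-match "^4.0.2"
 
 braces@^3.0.3:
 version "3.0.3"
@@ -937,11 +929,6 @@ comma-separated-tokens@^2.0.0:
 resolved "https://registry.npmjs.org/comma-separated-tokens/-/comma-separated-tokens-2.0.3.tgz"
 integrity sha512-Fu4hJdvzeylCfQPp9SGWidpzrMs7tTrlu6Vb8XGaRGck8QSNZJJp538Wrb60Lax4fPwR64ViY468OIUTbRlGZg==
 
-concat-map@0.0.1:
-version "0.0.1"
-resolved "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz"
-integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==
-
 cross-spawn@^7.0.6:
 version "7.0.6"
 resolved "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz"
@@ -1460,7 +1447,7 @@ extend@^3.0.0:
 resolved "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz"
 integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==
 
-fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3:
+fast-deep-equal@^3.1.3:
 version "3.1.3"
 resolved "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz"
 integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==
@@ -1492,16 +1479,16 @@ fast-glob@^3.3.2:
 merge2 "^1.3.0"
 micromatch "^4.0.8"
 
-fast-json-stable-stringify@^2.0.0:
-version "2.1.0"
-resolved "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz"
-integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==
-
 fast-levenshtein@^2.0.6:
 version "2.0.6"
 resolved "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz"
 integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
 
+fast-uri@^3.0.1:
+version "3.1.2"
+resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.2.tgz#8af3d4fc9d3e71b11572cc2673b514a7d1a8c8ec"
+integrity sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==
+
 fastq@^1.6.0:
 version "1.19.0"
 resolved "https://registry.npmjs.org/fastq/-/fastq-1.19.0.tgz"
@@ -2069,10 +2056,10 @@ json-buffer@3.0.1:
 resolved "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz"
 integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==
 
-json-schema-traverse@^0.4.1:
-version "0.4.1"
-resolved "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz"
-integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==
+json-schema-traverse@^1.0.0:
+version "1.0.0"
+resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
+integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==
 
 json-stable-stringify-without-jsonify@^1.0.1:
 version "1.0.1"
@@ -2975,11 +2962,6 @@ property-information@^7.0.0:
 resolved "https://registry.npmjs.org/property-information/-/property-information-7.1.0.tgz"
 integrity sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ==
 
-punycode@^2.1.0:
-version "2.3.1"
-resolved "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz"
-integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==
-
 queue-microtask@^1.2.2:
 version "1.2.3"
 resolved "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz"
@@ -3108,6 +3090,11 @@ remark-stringify@^11.0.0:
 mdast-util-to-markdown "^2.0.0"
 unified "^11.0.0"
 
+require-from-string@^2.0.2:
+version "2.0.2"
+resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909"
+integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==
+
 resolve-from@^4.0.0:
 version "4.0.0"
 resolved "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz"
@@ -3626,13 +3613,6 @@ update-browserslist-db@^1.1.1:
 escalade "^3.2.0"
 picocolors "^1.1.1"
 
-uri-js@^4.2.2:
-version "4.4.1"
-resolved "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz"
-integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==
-dependencies:
-punycode "^2.1.0"
-
 vfile-message@^4.0.0:
 version "4.0.2"
 resolved "https://registry.npmjs.org/vfile-message/-/vfile-message-4.0.2.tgz"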
