
Commit b11c947

antonisclaude
andcommitted
chore(deps): bump ajv to fix ReDoS in $data option
Adds resolutions to fix ReDoS vulnerability when using the $data option:
- 8.x consumers (appium exact pin 8.12.0 + ^8.x ranges): bumped to 8.18.0
- 6.x consumers (eslint, @eslint/eslintrc): consolidated onto 8.18.0 via unscoped resolution (build and tests pass with 8.x)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent cb7404a commit b11c947

2 files changed

Lines changed: 16 additions & 49 deletions


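--- a/package.json
+++ b/package.json
@@ -60,6 +60,13 @@
 },
 "resolutions": {
 "appium-chromedriver@npm:5.6.73/@xmldom/xmldom": "0.8.10",
+"ajv": "^8.18.0",
+"appium@npm:2.4.1/ajv": "^8.18.0",
+"@eslint/eslintrc@npm:2.1.4/ajv": "^6.14.0",
+"@eslint/eslintrc@npm:3.3.3/ajv": "^6.14.0",
+"eslint@npm:8.57.0/ajv": "^6.14.0",
+"eslint@npm:8.57.1/ajv": "^6.14.0",
+"eslint@npm:9.39.2/ajv": "^6.14.0",
 "form-data": "4.0.4",
 "tar-fs": "^3.1.1",
 "tar": "^7.5.7"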

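--- a/yarn.lock
+++ b/yarn.lock
@@ -13682,39 +13682,15 @@ __metadata:
 languageName: node
 linkType: hard
 
-"ajv@npm:8.12.0":
-version: 8.12.0
-resolution: "ajv@npm:8.12.0"
+"ajv@npm:^8.18.0":
+version: 8.18.0
+resolution: "ajv@npm:8.18.0"
 dependencies:
-fast-deep-equal: ^3.1.1
+fast-deep-equal: ^3.1.3
+fast-uri: ^3.0.1
 json-schema-traverse: ^1.0.0
 require-from-string: ^2.0.2
-uri-js: ^4.2.2
-checksum: 4dc13714e316e67537c8b31bc063f99a1d9d9a497eb4bbd55191ac0dcd5e4985bbb71570352ad6f1e76684fb6d790928f96ba3b2d4fd6e10024be9612fe3f001
-languageName: node
-linkType: hard
-
-"ajv@npm:^6.12.4":
-version: 6.12.6
-resolution: "ajv@npm:6.12.6"
-dependencies:
-fast-deep-equal: "npm:^3.1.1"
-fast-json-stable-stringify: "npm:^2.0.0"
-json-schema-traverse: "npm:^0.4.1"
-uri-js: "npm:^4.2.2"
-checksum: 874972efe5c4202ab0a68379481fbd3d1b5d0a7bd6d3cc21d40d3536ebff3352a2a1fabb632d4fd2cc7fe4cbdcd5ed6782084c9bbf7f32a1536d18f9da5007d4
-languageName: node
-linkType: hard
-
-"ajv@npm:^8.0.0, ajv@npm:^8.11.0, ajv@npm:^8.6.3":
-version: 8.17.1
-resolution: "ajv@npm:8.17.1"
-dependencies:
-fast-deep-equal: "npm:^3.1.3"
-fast-uri: "npm:^3.0.1"
-json-schema-traverse: "npm:^1.0.0"
-require-from-string: "npm:^2.0.2"
-checksum: 1797bf242cfffbaf3b870d13565bd1716b73f214bb7ada9a497063aada210200da36e3ed40237285f3255acc4feeae91b1fb183625331bad27da95973f7253d9
+checksum: bcdf6c7b040ca488108e2b4e219b31cf9ed478331007d4dd1ed8acc3946dd6b84295817c0f4724207b8dd8589c9966168b2fd4c7f32109d4b8526cdd3743e936
 languageName: node
 linkType: hard
 
@@ -20059,7 +20035,7 @@ __metadata:
 languageName: node
 linkType: hard
 
-"fast-deep-equal@npm:^3.1.1, fast-deep-equal@npm:^3.1.3":
+"fast-deep-equal@npm:^3.1.3":
 version: 3.1.3
 resolution: "fast-deep-equal@npm:3.1.3"
 checksum: e21a9d8d84f53493b6aa15efc9cfd53dd5b714a1f23f67fb5dc8f574af80df889b3bce25dc081887c6d25457cce704e636395333abad896ccdec03abaf1f3f9d
@@ -20093,7 +20069,7 @@ __metadata:
 languageName: node
 linkType: hard
 
-"fast-json-stable-stringify@npm:2.x, fast-json-stable-stringify@npm:^2.0.0, fast-json-stable-stringify@npm:^2.1.0":
+"fast-json-stable-stringify@npm:2.x, fast-json-stable-stringify@npm:^2.1.0":
 version: 2.1.0
 resolution: "fast-json-stable-stringify@npm:2.1.0"
 checksum: b191531e36c607977e5b1c47811158733c34ccb3bfde92c44798929e9b4154884378536d26ad90dfecd32e1ffc09c545d23535ad91b3161a27ddbb8ebe0cbecb
@@ -23747,13 +23723,6 @@ __metadata:
 languageName: node
 linkType: hard
 
-"json-schema-traverse@npm:^0.4.1":
-version: 0.4.1
-resolution: "json-schema-traverse@npm:0.4.1"
-checksum: 7486074d3ba247769fda17d5181b345c9fb7d12e0da98b22d1d71a5db9698d8b4bd900a3ec1a4ffdd60846fc2556274a5c894d0c48795f14cb03aeae7b55260b
-languageName: node
-linkType: hard
-
 "json-schema-traverse@npm:^1.0.0":
 version: 1.0.0
 resolution: "json-schema-traverse@npm:1.0.0"
@@ -28938,7 +28907,7 @@ __metadata:
 languageName: node
 linkType: hard
 
-"punycode@npm:^2.1.0, punycode@npm:^2.1.1":
+"punycode@npm:^2.1.1":
 version: 2.3.1
 resolution: "punycode@npm:2.3.1"
 checksum: bb0a0ceedca4c3c57a9b981b90601579058903c62be23c5e8e843d2c2d4148a3ecf029d5133486fb0e1822b098ba8bba09e89d6b21742d02fa26bda6441a6fb2
@@ -34048,15 +34017,6 @@ __metadata:
 languageName: node
 linkType: hard
 
-"uri-js@npm:^4.2.2":
-version: 4.4.1
-resolution: "uri-js@npm:4.4.1"
-dependencies:
-punycode: "npm:^2.1.0"
-checksum: 7167432de6817fe8e9e0c9684f1d2de2bb688c94388f7569f7dbdb1587c9f4ca2a77962f134ec90be0cc4d004c939ff0d05acc9f34a0db39a3c797dada262633
-languageName: node
-linkType: hard
-
 "url-parse@npm:^1.5.3":
 version: 1.5.10
 resolution: "url-parse@npm:1.5.10"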
