Skip to content

Commit 11acf44

Browse files
chore(deps): update dependency happy-dom to v20.8.9 [security] (#298)
* chore(deps): update dependency happy-dom to v20.8.9 [security] * Fix an error caused by no-downgrade policy * Add more context on tinyexec@1.2.2 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: IzumiSy <beetle-noise@gmx.com>
1 parent fba0e82 commit 11acf44

3 files changed

Lines changed: 51 additions & 38 deletions

File tree

packages/core/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@
7676
"@types/react": "catalog:",
7777
"@types/react-dom": "catalog:",
7878
"@vitejs/plugin-react": "catalog:",
79-
"happy-dom": "^20.6.2",
79+
"happy-dom": "^20.9.0",
8080
"postcss": "^8",
8181
"react": "catalog:",
8282
"react-dom": "catalog:",

pnpm-lock.yaml

Lines changed: 45 additions & 37 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pnpm-workspace.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,11 @@ trustPolicyExclude:
6161
# while 5.1.0 was published via GitHub Actions with provenance. Fixed in v5.2.0.
6262
# See: https://github.com/reduxjs/reselect/issues/752
6363
- "reselect@5.1.1"
64+
# tinyexec@1.2.1+ was published via npm's staged publishing, which loses
65+
# Trusted Publisher metadata due to an npm bug. pnpm sees this as a trust
66+
# downgrade (trusted publisher → provenance only) even though provenance is present.
67+
# See: https://github.com/tinylibs/tinyexec/issues/136
68+
- "tinyexec@1.2.2"
6469

6570
# Save exact versions when adding dependencies
6671
saveExact: true

0 commit comments

Comments
 (0)