Skip to content

chore: update sirv to version 3.0.2#692

Merged
valscion merged 3 commits into
webpack:mainfrom
bjohansebas:update-sirv
Jan 20, 2026
Merged

chore: update sirv to version 3.0.2#692
valscion merged 3 commits into
webpack:mainfrom
bjohansebas:update-sirv

Conversation

@bjohansebas

Copy link
Copy Markdown
Member

Summary

the CVE is not for sirv, it was only for Vite. But for some reason, Snyk picks it up in its scanners.

closes #672

What kind of change does this PR introduce?

Did you add tests for your changes?

Does this PR introduce a breaking change?

If relevant, what needs to be documented once your changes are merged or what have you already documented?

@valscion valscion left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Can you add a changelog entry here as well?

@alexander-akait

Copy link
Copy Markdown
Member

@bjohansebas need rebase, thanks

@bjohansebas

Copy link
Copy Markdown
Member Author

done

@valscion valscion merged commit 290913e into webpack:main Jan 20, 2026
5 checks passed
@bjohansebas bjohansebas deleted the update-sirv branch January 20, 2026 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Directory Traversal Security alert sirv: '^2.0.3',

3 participants