fix: resolve fast-xml-parser security audit failure (#28227)
This commit is contained in:
@@ -4,10 +4,4 @@ enableGlobalCache: false
|
||||
|
||||
nodeLinker: node-modules
|
||||
|
||||
# fast-xml-parser 4.4.1 via @boxyhq/saml-jackson → @aws-sdk/core@3.816.0 (transitive).
|
||||
# Only parses trusted AWS API responses, not user input. No practical attack vector.
|
||||
# Upstream fix pending: ory/polis (saml-jackson) has bumped to @aws-sdk@3.994.0 on main but hasn't released yet.
|
||||
npmAuditIgnoreAdvisories:
|
||||
- "1113407"
|
||||
|
||||
yarnPath: .yarn/releases/yarn-4.12.0.cjs
|
||||
|
||||
+2
-1
@@ -158,7 +158,8 @@
|
||||
"tar": "7.5.7",
|
||||
"lodash": "4.17.23",
|
||||
"lodash-es": "4.17.23",
|
||||
"@lingo.dev/_compiler/fast-xml-parser": "5.3.5"
|
||||
"@lingo.dev/_compiler/fast-xml-parser": "5.3.5",
|
||||
"fast-xml-parser": "4.5.4"
|
||||
},
|
||||
"packageExtensions": {
|
||||
"ink@3.2.0": {
|
||||
|
||||
@@ -22693,14 +22693,14 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"fast-xml-parser@npm:4.4.1":
|
||||
version: 4.4.1
|
||||
resolution: "fast-xml-parser@npm:4.4.1"
|
||||
"fast-xml-parser@npm:4.5.4":
|
||||
version: 4.5.4
|
||||
resolution: "fast-xml-parser@npm:4.5.4"
|
||||
dependencies:
|
||||
strnum: "npm:^1.0.5"
|
||||
bin:
|
||||
fxparser: src/cli/cli.js
|
||||
checksum: 10/0c05ab8703630d8c857fafadbd78d0020d3a8e54310c3842179cd4a0d9d97e96d209ce885e91241f4aa9dd8dfc2fd924a682741a423d65153cad34da2032ec44
|
||||
checksum: 10/991f11a15d82be778c3452e5f1109975d66276bb951ba4db87417507da15d0b1c09d15a4e4db15a216cf3315b4325f66ff3b7f9b7557d6a2055103755fb39cce
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
|
||||
Reference in New Issue
Block a user