fix: resolve fast-xml-parser security audit failure (#28227)

This commit is contained in:
Romit
2026-03-02 15:26:59 +05:30
committed by GitHub
parent 1c193cca86
commit ec7f8dd58e
3 changed files with 6 additions and 11 deletions
-6
View File
@@ -4,10 +4,4 @@ enableGlobalCache: false
nodeLinker: node-modules nodeLinker: node-modules
# fast-xml-parser 4.4.1 via @boxyhq/saml-jackson → @aws-sdk/core@3.816.0 (transitive).
# Only parses trusted AWS API responses, not user input. No practical attack vector.
# Upstream fix pending: ory/polis (saml-jackson) has bumped to @aws-sdk@3.994.0 on main but hasn't released yet.
npmAuditIgnoreAdvisories:
- "1113407"
yarnPath: .yarn/releases/yarn-4.12.0.cjs yarnPath: .yarn/releases/yarn-4.12.0.cjs
+2 -1
View File
@@ -158,7 +158,8 @@
"tar": "7.5.7", "tar": "7.5.7",
"lodash": "4.17.23", "lodash": "4.17.23",
"lodash-es": "4.17.23", "lodash-es": "4.17.23",
"@lingo.dev/_compiler/fast-xml-parser": "5.3.5" "@lingo.dev/_compiler/fast-xml-parser": "5.3.5",
"fast-xml-parser": "4.5.4"
}, },
"packageExtensions": { "packageExtensions": {
"ink@3.2.0": { "ink@3.2.0": {
+4 -4
View File
@@ -22693,14 +22693,14 @@ __metadata:
languageName: node languageName: node
linkType: hard linkType: hard
"fast-xml-parser@npm:4.4.1": "fast-xml-parser@npm:4.5.4":
version: 4.4.1 version: 4.5.4
resolution: "fast-xml-parser@npm:4.4.1" resolution: "fast-xml-parser@npm:4.5.4"
dependencies: dependencies:
strnum: "npm:^1.0.5" strnum: "npm:^1.0.5"
bin: bin:
fxparser: src/cli/cli.js fxparser: src/cli/cli.js
checksum: 10/0c05ab8703630d8c857fafadbd78d0020d3a8e54310c3842179cd4a0d9d97e96d209ce885e91241f4aa9dd8dfc2fd924a682741a423d65153cad34da2032ec44 checksum: 10/991f11a15d82be778c3452e5f1109975d66276bb951ba4db87417507da15d0b1c09d15a4e4db15a216cf3315b4325f66ff3b7f9b7557d6a2055103755fb39cce
languageName: node languageName: node
linkType: hard linkType: hard