Fix node-forge and other npm vulnerabilities #120

sunnywu · 2025-11-28T01:31:17Z

Add overrides for node-forge@^1.3.2 (fixes CVE-2025-12816, CVE-2025-66031, CVE-2025-66030)
Add overrides for postcss@^8.4.31 (fixes CVE-2023-44270)
Add overrides for webpack-dev-server@^5.2.1 (fixes CVE-2025-30359, CVE-2025-30360)
Add overrides for body-parser@^2.2.1 (fixes CVE-2025-13466)
Update package-lock.json files in affected projects

- Add overrides for node-forge@^1.3.2 (fixes CVE-2025-12816, CVE-2025-66031, CVE-2025-66030) - Add overrides for postcss@^8.4.31 (fixes CVE-2023-44270) - Add overrides for webpack-dev-server@^5.2.1 (fixes CVE-2025-30359, CVE-2025-30360) - Add overrides for body-parser@^2.2.1 (fixes CVE-2025-13466) - Update package-lock.json files in affected projects

sunnywu and others added 2 commits November 28, 2025 12:30

Merge branch 'main' into syw-UID2-6332-node-forge-vulnerability

d61bd18

ashleysmithTTD approved these changes Dec 1, 2025

View reviewed changes

sunnywu merged commit fcee1c1 into main Dec 2, 2025
2 checks passed

sunnywu deleted the syw-UID2-6332-node-forge-vulnerability branch December 2, 2025 01:54

Provide feedback