Skip to content

Commit

Permalink
fix: babel vulnerable to arbitrary code execution
Browse files Browse the repository at this point in the history 
related issue: https://github.com/awslabs/iot-app-kit/security/dependabot/106
fix: add @babel/traverse ^7.23.7 to package.json overrides
  • Loading branch information
@mitchlee-amzn
Chen Shang authored and mitchlee-amzn committed Apr 10, 2024
1 parent 4dc8559 commit 8c32328
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 18 deletions.
36 changes: 18 additions & 18 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@
"allowUnsafeName": "github repo"
},
"overrides": {
"@babel/traverse": "^7.23.7",
"@types/react": "^18.0.28",
"@types/react-dom": "^18.0.11",
"fast-xml-parser": "^4.2.5",
Expand Down

0 comments on commit 8c32328

Please sign in to comment.