From 3a5021ad4f723674f1ed2391c6ea9966d65198df Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 27 Mar 2026 10:15:12 +0000 Subject: [PATCH] fix: upgrade kysely to 0.28.14 to fix SQL injection vulnerability Co-Authored-By: sean@cal.com --- .../components/booking/BookingListItem.tsx | 5 ++--- .../booking/actions/bookingActions.test.ts | 2 +- apps/web/components/booking/types.ts | 2 ++ packages/kysely/package.json | 2 +- yarn.lock | 22 +++++++++---------- 5 files changed, 17 insertions(+), 16 deletions(-) diff --git a/apps/web/components/booking/BookingListItem.tsx b/apps/web/components/booking/BookingListItem.tsx index 1c3ca971c79864..7dded2390f0cd7 100644 --- a/apps/web/components/booking/BookingListItem.tsx +++ b/apps/web/components/booking/BookingListItem.tsx @@ -14,7 +14,6 @@ import { useLocale } from "@calcom/lib/hooks/useLocale"; import { useGetTheme } from "@calcom/lib/hooks/useTheme"; import isSmsCalEmail from "@calcom/lib/isSmsCalEmail"; import { getEveryFreqFor } from "@calcom/lib/recurringStrings"; -import type { AssignmentReason } from "@calcom/prisma/client"; import { BookingStatus } from "@calcom/prisma/enums"; import { bookingMetadataSchema } from "@calcom/prisma/zod-utils"; import { trpc } from "@calcom/trpc/react"; @@ -59,7 +58,7 @@ import { getReportAction, isActionDisabled, } from "./actions/bookingActions"; -import type { BookingItemProps } from "./types"; +import type { BookingAssignmentReason, BookingItemProps } from "./types"; type ParsedBooking = ReturnType; type TeamEvent = Ensure, "team">; @@ -1151,7 +1150,7 @@ const AssignmentReasonTooltip = ({ assignmentReason, onClick, }: { - assignmentReason: AssignmentReason; + assignmentReason: BookingAssignmentReason; onClick?: () => void; }) => { const { t } = useLocale(); diff --git a/apps/web/components/booking/actions/bookingActions.test.ts b/apps/web/components/booking/actions/bookingActions.test.ts index 80738880053e48..ab26d6597e7b4e 100644 --- a/apps/web/components/booking/actions/bookingActions.test.ts +++ b/apps/web/components/booking/actions/bookingActions.test.ts @@ -31,7 +31,7 @@ function createMockContext(overrides: Partial = {}): Booki description: "Test meeting description", startTime: startTime.toISOString(), endTime: endTime.toISOString(), - createdAt: now, + createdAt: now.toISOString(), updatedAt: now, status: BookingStatus.ACCEPTED, paid: false, diff --git a/apps/web/components/booking/types.ts b/apps/web/components/booking/types.ts index b6c9671a2d8530..45222bee358cbf 100644 --- a/apps/web/components/booking/types.ts +++ b/apps/web/components/booking/types.ts @@ -6,6 +6,8 @@ export type BookingListingStatus = NonNullable< type BookingItem = RouterOutputs["viewer"]["bookings"]["get"]["bookings"][number]; +export type BookingAssignmentReason = BookingItem["assignmentReasonSortedByCreatedAt"][number]; + export type BookingItemProps = BookingItem & { listingStatus: BookingListingStatus; recurringInfo: RouterOutputs["viewer"]["bookings"]["get"]["recurringInfo"][number] | undefined; diff --git a/packages/kysely/package.json b/packages/kysely/package.json index bd9f313cb3d0bd..bdc157f8db1f75 100644 --- a/packages/kysely/package.json +++ b/packages/kysely/package.json @@ -3,7 +3,7 @@ "private": true, "main": "index.ts", "dependencies": { - "kysely": "0.28.2", + "kysely": "0.28.14", "pg": "8.16.0" }, "devDependencies": { diff --git a/yarn.lock b/yarn.lock index 79f63934b06e83..1e43e537cdb7ca 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2720,7 +2720,7 @@ __metadata: resolution: "@calcom/kysely@workspace:packages/kysely" dependencies: "@types/pg": "npm:8.11.14" - kysely: "npm:0.28.2" + kysely: "npm:0.28.14" pg: "npm:8.16.0" languageName: unknown linkType: soft @@ -2735,7 +2735,7 @@ __metadata: languageName: unknown linkType: soft -"@calcom/lib@workspace:*, @calcom/lib@workspace:packages/lib": +"@calcom/lib@npm:*, @calcom/lib@workspace:*, @calcom/lib@workspace:packages/lib": version: 0.0.0-use.local resolution: "@calcom/lib@workspace:packages/lib" dependencies: @@ -2780,9 +2780,9 @@ __metadata: version: 0.0.0-use.local resolution: "@calcom/lyra@workspace:packages/app-store/lyra" dependencies: - "@calcom/lib": "workspace:*" - "@calcom/prisma": "workspace:*" - "@calcom/types": "workspace:*" + "@calcom/lib": "npm:*" + "@calcom/prisma": "npm:*" + "@calcom/types": "npm:*" languageName: unknown linkType: soft @@ -2972,7 +2972,7 @@ __metadata: languageName: unknown linkType: soft -"@calcom/prisma@workspace:*, @calcom/prisma@workspace:packages/prisma": +"@calcom/prisma@npm:*, @calcom/prisma@workspace:*, @calcom/prisma@workspace:packages/prisma": version: 0.0.0-use.local resolution: "@calcom/prisma@workspace:packages/prisma" dependencies: @@ -3212,7 +3212,7 @@ __metadata: languageName: unknown linkType: soft -"@calcom/types@workspace:*, @calcom/types@workspace:packages/types": +"@calcom/types@npm:*, @calcom/types@workspace:*, @calcom/types@workspace:packages/types": version: 0.0.0-use.local resolution: "@calcom/types@workspace:packages/types" dependencies: @@ -27162,10 +27162,10 @@ __metadata: languageName: node linkType: hard -"kysely@npm:0.28.2": - version: 0.28.2 - resolution: "kysely@npm:0.28.2" - checksum: 10/2b9664abab95525411b24ac523c38ff286b701e58d0e88ef99c6b449d481c5298ae2c0e17e5cffaa2e98e566015c4b5aa7be46b331fc94d1abf44851ff5ec51f +"kysely@npm:0.28.14": + version: 0.28.14 + resolution: "kysely@npm:0.28.14" + checksum: 10/d76ff120c4c295091e0c8ecf9f2fb920547247d0cf6f0cf0098cb6d85fd77f18da09ddd18345477a527b82eddc087a145783772fc0e09e9280239fb87df83be9 languageName: node linkType: hard