Skip to content

[Snyk] Security upgrade @openapitools/openapi-generator-cli from 2.27.0 to 2.28.3#10421

Merged
RomneyDa merged 1 commit intomainfrom
snyk-fix-c59e28ba618801848d5df7558a39887b
Feb 11, 2026
Merged

[Snyk] Security upgrade @openapitools/openapi-generator-cli from 2.27.0 to 2.28.3#10421
RomneyDa merged 1 commit intomainfrom
snyk-fix-c59e28ba618801848d5df7558a39887b

Conversation

@sestinj
Copy link
Contributor

@sestinj sestinj commented Feb 11, 2026
edited by cubic-dev-ai bot
Loading

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • packages/continue-sdk/package.json
  • packages/continue-sdk/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Prototype Pollution
SNYK-JS-AXIOS-15252993		   828  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

Summary by cubic

Upgrade @openapitools/openapi-generator-cli to 2.28.3 in continue-sdk to fix a high-severity axios Prototype Pollution vulnerability. Security-only change with no app code updates.

  • Dependencies
    • @openapitools/openapi-generator-cli: ^2.27.0 → ^2.28.3
    • Pulls axios to 1.13.5 (fixes SNYK-JS-AXIOS-15252993)
    • Also updates: @nestjs/common and @nestjs/core 11.1.13, glob 13.0.1, file-type 21.3.0, form-data 4.0.5, minimatch 10.1.2, lru-cache 11.2.6

Written for commit ac4816a. Summary will update on new commits.

@snyk-bot
fix: packages/continue-sdk/package.json & packages/continue-sdk/packa…
ac4816a 
…ge-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-15252993
@sestinj sestinj requested a review from a team as a code owner February 11, 2026 10:54
@sestinj sestinj requested review from Patrick-Erichsen and removed request for a team February 11, 2026 10:54
@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Feb 11, 2026
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Feb 11, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Issues and PRs Feb 11, 2026
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Feb 11, 2026
@RomneyDa RomneyDa merged commit 019a65e into main Feb 11, 2026
80 of 83 checks passed
@RomneyDa RomneyDa deleted the snyk-fix-c59e28ba618801848d5df7558a39887b branch February 11, 2026 11:19
@github-project-automation github-project-automation bot moved this from In Progress to Done in Issues and PRs Feb 11, 2026
@github-actions github-actions bot locked and limited conversation to collaborators Feb 11, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@RomneyDa RomneyDa RomneyDa approved these changes

@Patrick-Erichsen Patrick-Erichsen Awaiting requested review from Patrick-Erichsen Patrick-Erichsen is a code owner automatically assigned from continuedev/continue-code-reviewers

Assignees

No one assigned

Labels

lgtm This PR has been approved by a maintainer size:XS This PR changes 0-9 lines, ignoring generated files.

Projects

Issues and PRs
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sestinj @RomneyDa @snyk-bot