Skip to content

fix: bump form-data to 4.0.6 and run npm audit fix#492

Merged
szczys merged 2 commits into
mainfrom
szczys/bump-form-data-4.0.6
Jul 2, 2026
Merged

fix: bump form-data to 4.0.6 and run npm audit fix#492
szczys merged 2 commits into
mainfrom
szczys/bump-form-data-4.0.6

Conversation

@szczys

@szczys szczys commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator
  • Add form-data override to >=4.0.6 to fix CRLF injection reported by dependabot
  • run npm audit fix for dompurify, http-proxy-middleware, joi, js-yaml, launch-editor, protobufjs, webpack-dev-server

@szczys szczys force-pushed the szczys/bump-form-data-4.0.6 branch from 8512ce8 to 1a1948d Compare July 1, 2026 20:57
szczys added 2 commits July 1, 2026 16:01
- upgrade the firebase action to the latest release
- pin the node24 version to workaround regression in firebase-tools
- add write permissions needed due to org-level change to read-only default

Signed-off-by: Mike Szczys <michael.szczys@canonical.com>
- Add form-data override to >=4.0.6 to fix CRLF injection reported by dependabot
- run npm audit fix for dompurify, http-proxy-middleware, joi, js-yaml,
  launch-editor, protobufjs, webpack-dev-server

Signed-off-by: Mike Szczys <michael.szczys@canonical.com>
@szczys szczys force-pushed the szczys/bump-form-data-4.0.6 branch from 1a1948d to 6b4583a Compare July 1, 2026 21:02
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Visit the preview URL for this PR (updated for commit 6b4583a):

https://golioth-docs-dev--pr492-szczys-bump-form-dat-ucxxxj5a.web.app

(expires Fri, 31 Jul 2026 21:03:30 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: f53b02bdc98ce6f5593931ec4c339aa96bac84df

@szczys szczys requested review from ChrisGammell and hasheddan July 1, 2026 21:04
@szczys szczys merged commit 80a1630 into main Jul 2, 2026
2 checks passed
@szczys szczys deleted the szczys/bump-form-data-4.0.6 branch July 2, 2026 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants