From dd8fb958885f62ce4efbdb0fe8c0b202a753a894 Mon Sep 17 00:00:00 2001 From: Tommy Nguyen <4123478+tido64@users.noreply.github.com> Date: Thu, 9 Apr 2026 15:56:11 +0200 Subject: [PATCH] chore(security): address security reports - CVE-2026-2950 - CVE-2026-4800 - CVE-2026-4923 - CVE-2026-4926 - CVE-2026-34601 - GHSA-chqc-8p9q-pq6q --- package.json | 1 + yarn.lock | 38 +++++++++++++++++++------------------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/package.json b/package.json index 757fa1136..dd12b67f5 100644 --- a/package.json +++ b/package.json @@ -47,6 +47,7 @@ "@appium/base-driver/axios": "^1.13.6", "@appium/base-driver/lodash": "^4.17.23", "@appium/base-driver/lru-cache": "^11.2.6", + "@appium/base-driver/path-to-regexp": "^8.3.0", "@appium/docutils": "ignore:", "@appium/logger/lodash": "^4.17.23", "@appium/logger/lru-cache": "^11.2.6", diff --git a/yarn.lock b/yarn.lock index 3d8cb3daf..60a25eca3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5066,23 +5066,23 @@ __metadata: linkType: hard "@xmldom/xmldom@npm:^0.7.7": - version: 0.7.9 - resolution: "@xmldom/xmldom@npm:0.7.9" - checksum: 10c0/aa664f1e670081dd116d879562dffbd9f80e91dea4867e4af0d6ae4c9f29e1b2dbed6b12b1116b139ebf7221f682fa90c4bc2b2d251342b05b813f1b88a293ac + version: 0.7.13 + resolution: "@xmldom/xmldom@npm:0.7.13" + checksum: 10c0/cb02e4e8d986acf18578a5f25d1bce5e18d08718f40d8a0cdd922a4c112c8e00daf94de4e43f9556ed147c696b135f2ab81fa9a2a8a0416f60af15d156b60e40 languageName: node linkType: hard "@xmldom/xmldom@npm:^0.8.8": - version: 0.8.10 - resolution: "@xmldom/xmldom@npm:0.8.10" - checksum: 10c0/c7647c442502720182b0d65b17d45d2d95317c1c8c497626fe524bda79b4fb768a9aa4fae2da919f308e7abcff7d67c058b102a9d641097e9a57f0b80187851f + version: 0.8.12 + resolution: "@xmldom/xmldom@npm:0.8.12" + checksum: 10c0/b733c84292d1bee32ef21a05aba8f9063456b51a54068d0b4a1abf5545156ee0b9894b7ae23775b5881b11c35a8a03871d1b514fb7e1b11654cdbee57e1c2707 languageName: node linkType: hard "@xmldom/xmldom@npm:^0.9.8, @xmldom/xmldom@npm:^0.x": - version: 0.9.8 - resolution: "@xmldom/xmldom@npm:0.9.8" - checksum: 10c0/2ea984270832de2843ab0bbb6df71bde9aa02126b69e5fd56b5512b98ace48e94aff7186e77d0b22fe4b6780483862be752bcf8577436638a9210109029a0503 + version: 0.9.9 + resolution: "@xmldom/xmldom@npm:0.9.9" + checksum: 10c0/f1ecf6cd6926651a752d578fe662c10c47b8f8d98abe646f3318998283ac4a0e591161f89c8d1fc1822ae2524b82f8ff3de4ab396fba7ad7988f508cd5118e89 languageName: node linkType: hard @@ -6078,9 +6078,9 @@ __metadata: linkType: hard "basic-ftp@npm:^5.0.2": - version: 5.2.0 - resolution: "basic-ftp@npm:5.2.0" - checksum: 10c0/a0f85c01deae0723021f9bf4a7be29378186fa8bba41e74ea11832fe74c187ce90c3599c3cc5ec936581cfd150020e79f4a9ed0ee9fb20b2308e69b045f3a059 + version: 5.2.1 + resolution: "basic-ftp@npm:5.2.1" + checksum: 10c0/1d94eca86ed051fde73fd9c00c6853ee3d5a3b781963fb79adf04d384d34b576a53f9f0ba24955ded16606f88da60b383484254db4fe7a3985b60a57fcaa0530 languageName: node linkType: hard @@ -10139,9 +10139,9 @@ __metadata: linkType: hard "lodash@npm:^4.0.0, lodash@npm:^4.17.11, lodash@npm:^4.17.14, lodash@npm:^4.17.15, lodash@npm:^4.17.21, lodash@npm:^4.17.23, lodash@npm:^4.17.4, lodash@npm:^4.2.1": - version: 4.17.23 - resolution: "lodash@npm:4.17.23" - checksum: 10c0/1264a90469f5bb95d4739c43eb6277d15b6d9e186df4ac68c3620443160fc669e2f14c11e7d8b2ccf078b81d06147c01a8ccced9aab9f9f63d50dcf8cace6bf6 + version: 4.18.1 + resolution: "lodash@npm:4.18.1" + checksum: 10c0/757228fc68805c59789e82185135cf85f05d0b2d3d54631d680ca79ec21944ec8314d4533639a14b8bcfbd97a517e78960933041a5af17ecb693ec6eecb99a27 languageName: node linkType: hard @@ -12041,10 +12041,10 @@ __metadata: languageName: node linkType: hard -"path-to-regexp@npm:8.3.0, path-to-regexp@npm:^8.0.0": - version: 8.3.0 - resolution: "path-to-regexp@npm:8.3.0" - checksum: 10c0/ee1544a73a3f294a97a4c663b0ce71bbf1621d732d80c9c9ed201b3e911a86cb628ebad691b9d40f40a3742fe22011e5a059d8eed2cf63ec2cb94f6fb4efe67c +"path-to-regexp@npm:^8.0.0, path-to-regexp@npm:^8.3.0": + version: 8.4.2 + resolution: "path-to-regexp@npm:8.4.2" + checksum: 10c0/05b115c49b47ad252ce05faa32930f643f23769c68b8bcfe78ad833545140c48bbffb3266986d6c8d5db13a64cf12e07e0d72d9882cab830efeefa553533ebaf languageName: node linkType: hard