From 449c423da35e004059e1cd2be19c9b5efe594804 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?=
 =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?=
 =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?=
 <aditya@netroy.in>
Date: Mon, 20 Mar 2023 15:23:35 +0100
Subject: [PATCH] fix(core): Force-upgrade `decode-uri-component` to address
 CVE-2022-38900

[GitHub Advisory](https://github.com/advisories/GHSA-w573-4hg7-7wgq)
---
 package.json   | 1 +
 pnpm-lock.yaml | 9 ++-------
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/package.json b/package.json
index e69c7a29867e7..b0488bc4f1039 100644
--- a/package.json
+++ b/package.json
@@ -69,6 +69,7 @@
       "@types/node": "^16.18.12",
       "browserslist": "^4.21.4",
       "chokidar": "3.5.2",
+      "decode-uri-component": "0.2.2",
       "ejs": "^3.1.8",
       "fork-ts-checker-webpack-plugin": "^6.0.4",
       "jsonwebtoken": "9.0.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 06fdd35d03ef8..952bc2675a116 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -8,6 +8,7 @@ overrides:
   '@types/node': ^16.18.12
   browserslist: ^4.21.4
   chokidar: 3.5.2
+  decode-uri-component: 0.2.2
   ejs: ^3.1.8
   fork-ts-checker-webpack-plugin: ^6.0.4
   jsonwebtoken: 9.0.0
@@ -9740,15 +9741,9 @@ packages:
     resolution: {integrity: sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA==}
     dev: true
 
-  /decode-uri-component/0.2.0:
-    resolution: {integrity: sha512-hjf+xovcEn31w/EUYdTXQh/8smFL/dzYjohQGEIgjyNavaJfBY2p5F527Bo1VPATxv0VYTUC2bOcXvqFwk78Og==}
-    engines: {node: '>=0.10'}
-    dev: false
-
   /decode-uri-component/0.2.2:
     resolution: {integrity: sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ==}
     engines: {node: '>=0.10'}
-    dev: true
 
   /dedent/0.7.0:
     resolution: {integrity: sha512-Q6fKUPqnAHAyhiUgFU7BUzLiv0kd8saH9al7tnu5Q/okj6dnupxyTgFIBjVzJATdfIAm9NAsvXNzjaKa+bxVyA==}
@@ -17492,7 +17487,7 @@ packages:
     resolution: {integrity: sha512-MplouLRDHBZSG9z7fpuAAcI7aAYjDLhtsiVZsevsfaHWDS2IDdORKbSd1kWUA+V4zyva/HZoSfpwnYMMQDhb0w==}
     engines: {node: '>=6'}
     dependencies:
-      decode-uri-component: 0.2.0
+      decode-uri-component: 0.2.2
       filter-obj: 1.1.0
       split-on-first: 1.1.0
       strict-uri-encode: 2.0.0