LotusGuild/cinny
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: override js-cookie to >=3.0.6 to resolve high severity CVE

Browse Source 
GHSA-qjx8-664m-686j: prototype hijack in js-cookie <= 3.0.5 used
transitively via react-use in @giphy/react-components.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Lotus Bot
2026-05-22 13:50:05 -04:00
parent 7079462503
commit 5cb642b509
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package.json
+2 -1
View File
@@ -173,6 +173,7 @@
"overrides": {
"@giphy/js-util": {
"dompurify": ">=3.3.4"
}
},
"js-cookie": ">=3.0.6"
}
}