LotusGuild/cinny
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: override js-cookie to >=3.0.6 to resolve high severity CVE
CI / Build & Quality Checks (push) Successful in 10m11s
Details

Browse Source 
GHSA-qjx8-664m-686j: prototype hijack in js-cookie <= 3.0.5 used
transitively via react-use in @giphy/react-components.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Lotus Bot
2026-05-22 13:50:05 -04:00
parent f0ed6707ba
commit 86c7d88843
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package-lock.json
Generated
+7 -4
View File
@@ -11282,10 +11282,13 @@
}
},
"node_modules/js-cookie": {
"version": "2.2.1",
"resolved": "https://registry.npmjs.org/js-cookie/-/js-cookie-2.2.1.tgz",
"integrity": "sha512-HvdH2LzI/EAZcUwA8+0nKNtWHqS+ZmijLA30RwZA0bo7ToCckjK5MkGhjED9KoRcXO6BaGI3I9UIzSA1FKFPOQ==",
"license": "MIT"
"version": "3.0.7",
"resolved": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.7.tgz",
"integrity": "sha512-z/wZZgDrkNV1eA0ULjM/F9/50Ya8fbzgKneSpoPsXSGd0KnpdtHfOZWK+GcwLk+EZbS4F9RBhU+K2RgzuDaItw==",
"license": "MIT",
"engines": {
"node": ">=20"
}
},
"node_modules/js-tokens": {
"version": "4.0.0",
package.json
+2 -1
View File
@@ -173,6 +173,7 @@
"overrides": {
"@giphy/js-util": {
"dompurify": ">=3.3.4"
}
},
"js-cookie": ">=3.0.6"
}
}