fix: override js-cookie to >=3.0.6 to resolve high severity CVE

GHSA-qjx8-664m-686j: prototype hijack in js-cookie <= 3.0.5 used transitively via react-use in @giphy/react-components. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-22 13:50:05 -04:00
parent f0ed6707ba
commit 86c7d88843
2 changed files with 9 additions and 5 deletions
@@ -173,6 +173,7 @@
  "overrides": {
    "@giphy/js-util": {
      "dompurify": ">=3.3.4"
-    }
+    },
+    "js-cookie": ">=3.0.6"
  }
 }