From c296f9d49e9c7ca79ff2d666988899fc9ea10564 Mon Sep 17 00:00:00 2001 From: Atharva Shinde Date: Wed, 1 Jul 2026 10:48:01 +0530 Subject: [PATCH] bump ws to fix CVE-2026-48779 Signed-off-by: Atharva Shinde --- frontend/package.json | 5 ++++- frontend/yarn.lock | 24 ++++++++++++------------ 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/frontend/package.json b/frontend/package.json index b34c3a79b61..dde5afdb98d 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -329,7 +329,10 @@ "minimatch@^10.1.2": "^10.2.1", "fast-uri": "3.1.2", "shell-quote": "1.8.4", - "protobufjs": "7.5.8" + "protobufjs": "7.5.8", + "ws@^5.2.0": "^5.2.5", + "ws@^7.3.1": "^7.5.11", + "ws@^8.18.0": "^8.21.0" }, "lint-staged": { "*.{js,jsx,ts,tsx,json,gql,graphql}": "eslint --color --fix" diff --git a/frontend/yarn.lock b/frontend/yarn.lock index ca0395e4e3a..700c3810bd6 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -23762,18 +23762,18 @@ __metadata: languageName: node linkType: hard -"ws@npm:^5.2.0": - version: 5.2.2 - resolution: "ws@npm:5.2.2" +"ws@npm:^5.2.5": + version: 5.2.5 + resolution: "ws@npm:5.2.5" dependencies: async-limiter: "npm:~1.0.0" - checksum: 10c0/23c75681caa438c8b9e21f8cc30feb9fd4e8dfd2ed986ee9f130eaca0494b79ab9fd4441ddfc3faadf7f6a206dc095fdde961106a0616eeca66b17f22efb0033 + checksum: 10c0/829b2e57028c65765a01bd240fb05c736050cc1e6836f5d6df04ebc4e78c2950c7d437bbfd01a79345050813e9da2162171be8c5b5301cc4307804932908d9de languageName: node linkType: hard -"ws@npm:^7.3.1": - version: 7.5.10 - resolution: "ws@npm:7.5.10" +"ws@npm:^7.5.11": + version: 7.5.11 + resolution: "ws@npm:7.5.11" peerDependencies: bufferutil: ^4.0.1 utf-8-validate: ^5.0.2 @@ -23782,13 +23782,13 @@ __metadata: optional: true utf-8-validate: optional: true - checksum: 10c0/bd7d5f4aaf04fae7960c23dcb6c6375d525e00f795dd20b9385902bd008c40a94d3db3ce97d878acc7573df852056ca546328b27b39f47609f80fb22a0a9b61d + checksum: 10c0/7972670b676fb1ccba73b0899ca3c2e04e8c2075629c2614cced7f556536f96a672bbf4619fc5a06c8b8720bb839a47ca88c69c95dc14c9c61a99fbecba1c866 languageName: node linkType: hard -"ws@npm:^8.18.0": - version: 8.18.0 - resolution: "ws@npm:8.18.0" +"ws@npm:^8.21.0": + version: 8.21.0 + resolution: "ws@npm:8.21.0" peerDependencies: bufferutil: ^4.0.1 utf-8-validate: ">=5.0.2" @@ -23797,7 +23797,7 @@ __metadata: optional: true utf-8-validate: optional: true - checksum: 10c0/25eb33aff17edcb90721ed6b0eb250976328533ad3cd1a28a274bd263682e7296a6591ff1436d6cbc50fa67463158b062f9d1122013b361cec99a05f84680e06 + checksum: 10c0/ef4a243476283fc49bc7550966c4af4aa0eef56273837211e700de3b664e08604a760cdddcb5ba43c049140e74ccfec5b0ee0bb439e08c2adf9138902fdde5f9 languageName: node linkType: hard