Commit 7634d79
fix: resolve security vulnerabilities
- Upgrade express from 4.21.2 to 4.22.1
- Upgrade puppeteer from 24.32.0 to 24.37.5
- Add npm overrides for duckdb dependencies (tar, @tootallnate/once, qs)
- All Snyk security tests now pass with no vulnerabilities
Fixes vulnerabilities:
- Directory Traversal in tar (CVE-2026-26960)
- ReDoS in minimatch (CVE-2026-27903, CVE-2026-26996, CVE-2026-27904)
- Directory Traversal in basic-ftp (CVE-2026-27699)
- Control Flow Scoping in @tootallnate/once (CVE-2026-3449)
- Resource Allocation issues in qs (SNYK-JS-QS-14724253, SNYK-JS-QS-15268416)
Made-with: Cursor
1 parent d1f8ea8 commit 7634d79
2 files changed
Lines changed: 1020 additions & 164 deletions