mirror of
https://github.com/umami-software/umami.git
synced 2026-02-04 04:37:11 +01:00
Fix React Server Components CVE vulnerabilities
Updated dependencies to fix Next.js and React CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>
This commit is contained in:
Vercel
parent
abc02465e3
commit
82f30d221f
2 changed files with 47 additions and 46 deletions
|
|
@ -103,7 +103,7 @@
|
|||
"kafkajs": "^2.1.0",
|
||||
"maxmind": "^4.3.24",
|
||||
"md5": "^2.3.0",
|
||||
"next": "15.3.3",
|
||||
"next": "15.3.8",
|
||||
"node-fetch": "^3.2.8",
|
||||
"npm-run-all": "^4.1.5",
|
||||
"prisma": "6.7.0",
|
||||
|
|
|
|||
91
pnpm-lock.yaml
generated
91
pnpm-lock.yaml
generated
|
|
@ -120,8 +120,8 @@ importers:
|
|||
specifier: ^2.3.0
|
||||
version: 2.3.0
|
||||
next:
|
||||
specifier: 15.3.3
|
||||
version: 15.3.3(@babel/core@7.26.10)(react-dom@19.1.0(react@19.1.0))(react@19.1.0)
|
||||
specifier: 15.3.8
|
||||
version: 15.3.8(@babel/core@7.26.10)(react-dom@19.1.0(react@19.1.0))(react@19.1.0)
|
||||
node-fetch:
|
||||
specifier: ^3.2.8
|
||||
version: 3.3.2
|
||||
|
|
@ -1795,56 +1795,56 @@ packages:
|
|||
resolution: {integrity: sha512-UZ0D6MKMV+7toNTeiki96YDcxwR/2lddW9zJQh4n62o564S/D2r5w46UTE0DcCY7Jtw7WGVOy1VtB3ws2gKW0A==}
|
||||
engines: {node: '>=18.0.0'}
|
||||
|
||||
'@next/env@15.3.3':
|
||||
resolution: {integrity: sha512-OdiMrzCl2Xi0VTjiQQUK0Xh7bJHnOuET2s+3V+Y40WJBAXrJeGA3f+I8MZJ/YQ3mVGi5XGR1L66oFlgqXhQ4Vw==}
|
||||
'@next/env@15.3.8':
|
||||
resolution: {integrity: sha512-SAfHg0g91MQVMPioeFeDjE+8UPF3j3BvHjs8ZKJAUz1BG7eMPvfCKOAgNWJ6s1MLNeP6O2InKQRTNblxPWuq+Q==}
|
||||
|
||||
'@next/eslint-plugin-next@14.2.28':
|
||||
resolution: {integrity: sha512-GQUPA1bTZy5qZdPV5MOHB18465azzhg8xm5o2SqxMF+h1rWNjB43y6xmIPHG5OV2OiU3WxuINpusXom49DdaIQ==}
|
||||
|
||||
'@next/swc-darwin-arm64@15.3.3':
|
||||
resolution: {integrity: sha512-WRJERLuH+O3oYB4yZNVahSVFmtxRNjNF1I1c34tYMoJb0Pve+7/RaLAJJizyYiFhjYNGHRAE1Ri2Fd23zgDqhg==}
|
||||
'@next/swc-darwin-arm64@15.3.5':
|
||||
resolution: {integrity: sha512-lM/8tilIsqBq+2nq9kbTW19vfwFve0NR7MxfkuSUbRSgXlMQoJYg+31+++XwKVSXk4uT23G2eF/7BRIKdn8t8w==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [arm64]
|
||||
os: [darwin]
|
||||
|
||||
'@next/swc-darwin-x64@15.3.3':
|
||||
resolution: {integrity: sha512-XHdzH/yBc55lu78k/XwtuFR/ZXUTcflpRXcsu0nKmF45U96jt1tsOZhVrn5YH+paw66zOANpOnFQ9i6/j+UYvw==}
|
||||
'@next/swc-darwin-x64@15.3.5':
|
||||
resolution: {integrity: sha512-WhwegPQJ5IfoUNZUVsI9TRAlKpjGVK0tpJTL6KeiC4cux9774NYE9Wu/iCfIkL/5J8rPAkqZpG7n+EfiAfidXA==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [x64]
|
||||
os: [darwin]
|
||||
|
||||
'@next/swc-linux-arm64-gnu@15.3.3':
|
||||
resolution: {integrity: sha512-VZ3sYL2LXB8znNGcjhocikEkag/8xiLgnvQts41tq6i+wql63SMS1Q6N8RVXHw5pEUjiof+II3HkDd7GFcgkzw==}
|
||||
'@next/swc-linux-arm64-gnu@15.3.5':
|
||||
resolution: {integrity: sha512-LVD6uMOZ7XePg3KWYdGuzuvVboxujGjbcuP2jsPAN3MnLdLoZUXKRc6ixxfs03RH7qBdEHCZjyLP/jBdCJVRJQ==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [arm64]
|
||||
os: [linux]
|
||||
|
||||
'@next/swc-linux-arm64-musl@15.3.3':
|
||||
resolution: {integrity: sha512-h6Y1fLU4RWAp1HPNJWDYBQ+e3G7sLckyBXhmH9ajn8l/RSMnhbuPBV/fXmy3muMcVwoJdHL+UtzRzs0nXOf9SA==}
|
||||
'@next/swc-linux-arm64-musl@15.3.5':
|
||||
resolution: {integrity: sha512-k8aVScYZ++BnS2P69ClK7v4nOu702jcF9AIHKu6llhHEtBSmM2zkPGl9yoqbSU/657IIIb0QHpdxEr0iW9z53A==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [arm64]
|
||||
os: [linux]
|
||||
|
||||
'@next/swc-linux-x64-gnu@15.3.3':
|
||||
resolution: {integrity: sha512-jJ8HRiF3N8Zw6hGlytCj5BiHyG/K+fnTKVDEKvUCyiQ/0r5tgwO7OgaRiOjjRoIx2vwLR+Rz8hQoPrnmFbJdfw==}
|
||||
'@next/swc-linux-x64-gnu@15.3.5':
|
||||
resolution: {integrity: sha512-2xYU0DI9DGN/bAHzVwADid22ba5d/xrbrQlr2U+/Q5WkFUzeL0TDR963BdrtLS/4bMmKZGptLeg6282H/S2i8A==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [x64]
|
||||
os: [linux]
|
||||
|
||||
'@next/swc-linux-x64-musl@15.3.3':
|
||||
resolution: {integrity: sha512-HrUcTr4N+RgiiGn3jjeT6Oo208UT/7BuTr7K0mdKRBtTbT4v9zJqCDKO97DUqqoBK1qyzP1RwvrWTvU6EPh/Cw==}
|
||||
'@next/swc-linux-x64-musl@15.3.5':
|
||||
resolution: {integrity: sha512-TRYIqAGf1KCbuAB0gjhdn5Ytd8fV+wJSM2Nh2is/xEqR8PZHxfQuaiNhoF50XfY90sNpaRMaGhF6E+qjV1b9Tg==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [x64]
|
||||
os: [linux]
|
||||
|
||||
'@next/swc-win32-arm64-msvc@15.3.3':
|
||||
resolution: {integrity: sha512-SxorONgi6K7ZUysMtRF3mIeHC5aA3IQLmKFQzU0OuhuUYwpOBc1ypaLJLP5Bf3M9k53KUUUj4vTPwzGvl/NwlQ==}
|
||||
'@next/swc-win32-arm64-msvc@15.3.5':
|
||||
resolution: {integrity: sha512-h04/7iMEUSMY6fDGCvdanKqlO1qYvzNxntZlCzfE8i5P0uqzVQWQquU1TIhlz0VqGQGXLrFDuTJVONpqGqjGKQ==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [arm64]
|
||||
os: [win32]
|
||||
|
||||
'@next/swc-win32-x64-msvc@15.3.3':
|
||||
resolution: {integrity: sha512-4QZG6F8enl9/S2+yIiOiju0iCTFd93d8VC1q9LZS4p/Xuk81W2QDjCFeoogmrWWkAD59z8ZxepBQap2dKS5ruw==}
|
||||
'@next/swc-win32-x64-msvc@15.3.5':
|
||||
resolution: {integrity: sha512-5fhH6fccXxnX2KhllnGhkYMndhOiLOLEiVGYjP2nizqeGWkN10sA9taATlXwake2E2XMvYZjjz0Uj7T0y+z1yw==}
|
||||
engines: {node: '>= 10'}
|
||||
cpu: [x64]
|
||||
os: [win32]
|
||||
|
|
@ -4872,8 +4872,8 @@ packages:
|
|||
natural-compare@1.4.0:
|
||||
resolution: {integrity: sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==}
|
||||
|
||||
next@15.3.3:
|
||||
resolution: {integrity: sha512-JqNj29hHNmCLtNvd090SyRbXJiivQ+58XjCcrC50Crb5g5u2zi7Y2YivbsEfzk6AtVI80akdOQbaMZwWB1Hthw==}
|
||||
next@15.3.8:
|
||||
resolution: {integrity: sha512-L+4c5Hlr84fuaNADZbB9+ceRX9/CzwxJ+obXIGHupboB/Q1OLbSUapFs4bO8hnS/E6zV/JDX7sG1QpKVR2bguA==}
|
||||
engines: {node: ^18.18.0 || ^19.8.0 || >= 20.0.0}
|
||||
hasBin: true
|
||||
peerDependencies:
|
||||
|
|
@ -6265,6 +6265,7 @@ packages:
|
|||
tar@6.2.1:
|
||||
resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==}
|
||||
engines: {node: '>=10'}
|
||||
deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exhorbitant rates) by contacting i@izs.me
|
||||
|
||||
terser@5.39.0:
|
||||
resolution: {integrity: sha512-LBAhFyLho16harJoWMg/nZsQYgTrg5jXOn2nCYjRUcZZEdE3qa2zb8QEDRUGVZBW4rlazf2fxkg8tztybTaqWw==}
|
||||
|
|
@ -8342,34 +8343,34 @@ snapshots:
|
|||
|
||||
'@netlify/plugin-nextjs@5.10.7': {}
|
||||
|
||||
'@next/env@15.3.3': {}
|
||||
'@next/env@15.3.8': {}
|
||||
|
||||
'@next/eslint-plugin-next@14.2.28':
|
||||
dependencies:
|
||||
glob: 10.3.10
|
||||
|
||||
'@next/swc-darwin-arm64@15.3.3':
|
||||
'@next/swc-darwin-arm64@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-darwin-x64@15.3.3':
|
||||
'@next/swc-darwin-x64@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-linux-arm64-gnu@15.3.3':
|
||||
'@next/swc-linux-arm64-gnu@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-linux-arm64-musl@15.3.3':
|
||||
'@next/swc-linux-arm64-musl@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-linux-x64-gnu@15.3.3':
|
||||
'@next/swc-linux-x64-gnu@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-linux-x64-musl@15.3.3':
|
||||
'@next/swc-linux-x64-musl@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-win32-arm64-msvc@15.3.3':
|
||||
'@next/swc-win32-arm64-msvc@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@next/swc-win32-x64-msvc@15.3.3':
|
||||
'@next/swc-win32-x64-msvc@15.3.5':
|
||||
optional: true
|
||||
|
||||
'@nodelib/fs.scandir@2.1.5':
|
||||
|
|
@ -8883,7 +8884,7 @@ snapshots:
|
|||
debug: 4.4.0(supports-color@8.1.1)
|
||||
globby: 11.1.0
|
||||
is-glob: 4.0.3
|
||||
semver: 7.7.1
|
||||
semver: 7.7.2
|
||||
tsutils: 3.21.0(typescript@5.8.3)
|
||||
optionalDependencies:
|
||||
typescript: 5.8.3
|
||||
|
|
@ -10995,7 +10996,7 @@ snapshots:
|
|||
|
||||
is-bun-module@2.0.0:
|
||||
dependencies:
|
||||
semver: 7.7.1
|
||||
semver: 7.7.2
|
||||
|
||||
is-callable@1.2.7: {}
|
||||
|
||||
|
|
@ -11452,7 +11453,7 @@ snapshots:
|
|||
jest-util: 29.7.0
|
||||
natural-compare: 1.4.0
|
||||
pretty-format: 29.7.0
|
||||
semver: 7.7.1
|
||||
semver: 7.7.2
|
||||
transitivePeerDependencies:
|
||||
- supports-color
|
||||
|
||||
|
|
@ -11937,9 +11938,9 @@ snapshots:
|
|||
|
||||
natural-compare@1.4.0: {}
|
||||
|
||||
next@15.3.3(@babel/core@7.26.10)(react-dom@19.1.0(react@19.1.0))(react@19.1.0):
|
||||
next@15.3.8(@babel/core@7.26.10)(react-dom@19.1.0(react@19.1.0))(react@19.1.0):
|
||||
dependencies:
|
||||
'@next/env': 15.3.3
|
||||
'@next/env': 15.3.8
|
||||
'@swc/counter': 0.1.3
|
||||
'@swc/helpers': 0.5.15
|
||||
busboy: 1.6.0
|
||||
|
|
@ -11949,14 +11950,14 @@ snapshots:
|
|||
react-dom: 19.1.0(react@19.1.0)
|
||||
styled-jsx: 5.1.6(@babel/core@7.26.10)(react@19.1.0)
|
||||
optionalDependencies:
|
||||
'@next/swc-darwin-arm64': 15.3.3
|
||||
'@next/swc-darwin-x64': 15.3.3
|
||||
'@next/swc-linux-arm64-gnu': 15.3.3
|
||||
'@next/swc-linux-arm64-musl': 15.3.3
|
||||
'@next/swc-linux-x64-gnu': 15.3.3
|
||||
'@next/swc-linux-x64-musl': 15.3.3
|
||||
'@next/swc-win32-arm64-msvc': 15.3.3
|
||||
'@next/swc-win32-x64-msvc': 15.3.3
|
||||
'@next/swc-darwin-arm64': 15.3.5
|
||||
'@next/swc-darwin-x64': 15.3.5
|
||||
'@next/swc-linux-arm64-gnu': 15.3.5
|
||||
'@next/swc-linux-arm64-musl': 15.3.5
|
||||
'@next/swc-linux-x64-gnu': 15.3.5
|
||||
'@next/swc-linux-x64-musl': 15.3.5
|
||||
'@next/swc-win32-arm64-msvc': 15.3.5
|
||||
'@next/swc-win32-x64-msvc': 15.3.5
|
||||
sharp: 0.34.2
|
||||
transitivePeerDependencies:
|
||||
- '@babel/core'
|
||||
|
|
@ -11992,7 +11993,7 @@ snapshots:
|
|||
dependencies:
|
||||
hosted-git-info: 4.1.0
|
||||
is-core-module: 2.16.1
|
||||
semver: 7.7.1
|
||||
semver: 7.7.2
|
||||
validate-npm-package-license: 3.0.4
|
||||
|
||||
normalize-path@3.0.0: {}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue