Skip to content

fix: patch transitive dep CVEs in nextjs-frontend via yarn resolutions#284

Closed
luarss wants to merge 1 commit into
masterfrom
claude/adoring-noether-9yOgN
Closed

fix: patch transitive dep CVEs in nextjs-frontend via yarn resolutions#284
luarss wants to merge 1 commit into
masterfrom
claude/adoring-noether-9yOgN

Conversation

@luarss
Copy link
Copy Markdown
Collaborator

@luarss luarss commented Jun 4, 2026

Pin brace-expansion >=1.1.13 (CVE-2026-33750, CVE-2025-5889), @eslint/plugin-kit >=0.3.4 (GHSA-xffm-g5w8-qvg7), and ajv >=6.14.0 (CVE-2025-69873) to their patched versions. All four advisories now clear; yarn audit reports 0 vulnerabilities.

https://claude.ai/code/session_01SBgjmJodHCRpFysr7ss1Dn

@claude
fix: patch transitive dep CVEs in nextjs-frontend via yarn resolutions
3682d15 
Pin brace-expansion >=1.1.13 (CVE-2026-33750, CVE-2025-5889),
@eslint/plugin-kit >=0.3.4 (GHSA-xffm-g5w8-qvg7), and
ajv >=6.14.0 (CVE-2025-69873) to their patched versions.
All four advisories now clear; yarn audit reports 0 vulnerabilities.

https://claude.ai/code/session_01SBgjmJodHCRpFysr7ss1Dn
@luarss luarss closed this Jun 4, 2026
@luarss luarss deleted the claude/adoring-noether-9yOgN branch June 4, 2026 12:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@luarss @claude