From 2f9af111c89ddab93739ecef1ce69d2851d6810b Mon Sep 17 00:00:00 2001 From: Tom Fifield Date: Tue, 12 Nov 2024 10:29:27 +0800 Subject: [PATCH 1/3] Update vite to 5.3.6 Fixes CVE-2024-45812 --- pnpm-lock.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ad597abd..080b010d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -127,7 +127,7 @@ importers: version: 3.0.6(react@18.3.1) vite-plugin-node-polyfills: specifier: ^0.22.0 - version: 0.22.0(rollup@4.24.0)(vite@5.3.1(@types/node@20.14.9)) + version: 0.22.0(rollup@4.24.0)(vite@5.3.6(@types/node@20.14.9)) zustand: specifier: 4.5.2 version: 4.5.2(@types/react@18.3.3)(immer@10.1.1)(react@18.3.1) @@ -3229,7 +3229,7 @@ packages: peerDependencies: vite: ^2.0.0 || ^3.0.0 || ^4.0.0 || ^5.0.0 - vite@5.3.1: + vite@5.3.6: resolution: {integrity: sha512-XBmSKRLXLxiaPYamLv3/hnP/KXDai1NDexN0FpkTaZXTfycHvkRHoenpgl/fvuK/kPbB6xAgoyiryAhQNxYmAQ==} engines: {node: ^18.0.0 || >=20.0.0} hasBin: true @@ -6965,7 +6965,7 @@ snapshots: validator@13.12.0: {} - vite-plugin-node-polyfills@0.22.0(rollup@4.24.0)(vite@5.3.1(@types/node@20.14.9)): + vite-plugin-node-polyfills@0.22.0(rollup@4.24.0)(vite@5.3.6(@types/node@20.14.9)): dependencies: '@rollup/plugin-inject': 5.0.5(rollup@4.24.0) node-stdlib-browser: 1.2.0 @@ -6973,7 +6973,7 @@ snapshots: transitivePeerDependencies: - rollup - vite@5.3.1(@types/node@20.14.9): + vite@5.3.6(@types/node@20.14.9): dependencies: esbuild: 0.21.5 postcss: 8.4.38 From 6df0b287ef4cb95f565eeb31476a6ea2dbae64b4 Mon Sep 17 00:00:00 2001 From: Tom Fifield Date: Tue, 12 Nov 2024 10:29:27 +0800 Subject: [PATCH 2/3] Update vite to 5.3.6 Fixes CVE-2024-45812 --- pnpm-lock.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 080b010d..b5696415 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -6969,7 +6969,7 @@ snapshots: dependencies: '@rollup/plugin-inject': 5.0.5(rollup@4.24.0) node-stdlib-browser: 1.2.0 - vite: 5.3.1(@types/node@20.14.9) + vite: 5.3.6(@types/node@20.14.9) transitivePeerDependencies: - rollup From 0fc4211c136278de446cfa2753a38e0d528a33ee Mon Sep 17 00:00:00 2001 From: Tom Fifield Date: Tue, 12 Nov 2024 10:29:27 +0800 Subject: [PATCH 3/3] Update vite to 5.3.6 Fixes CVE-2024-45812 --- pnpm-lock.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index b5696415..31e2c695 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -3230,7 +3230,7 @@ packages: vite: ^2.0.0 || ^3.0.0 || ^4.0.0 || ^5.0.0 vite@5.3.6: - resolution: {integrity: sha512-XBmSKRLXLxiaPYamLv3/hnP/KXDai1NDexN0FpkTaZXTfycHvkRHoenpgl/fvuK/kPbB6xAgoyiryAhQNxYmAQ==} + resolution: {integrity: sha512-es78AlrylO8mTVBygC0gTC0FENv0C6T496vvd33ydbjF/mIi9q3XQ9A3NWo5qLGFKywvz10J26813OkLvcQleA==} engines: {node: ^18.0.0 || >=20.0.0} hasBin: true peerDependencies: