github-starred/vikunja
2
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-05-08 21:08:04 -05:00
Code Issues 690 Packages Projects Releases 11 Wiki Activity

fix(deps): patch follow-redirects and basic-ftp security vulnerabilities

Browse Source 
Update follow-redirects to 1.16.0 (fixes auth header leak on cross-domain
redirects) and basic-ftp to 5.2.2 (fixes CRLF injection in FTP commands).
This commit is contained in:
kolaente
2026-04-14 20:49:42 +02:00
parent 0b45cff583
commit a1fbc277be
2 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/package.json
View File

@@ -168,7 +168,7 @@
"overrides": {
"minimatch": "^10.2.3",
"rollup": "$rollup",
"basic-ftp": "5.2.1",
"basic-ftp": ">=5.2.2",
"serialize-javascript": "^7.0.5",
"flatted": "^3.4.1"
}

18
frontend/pnpm-lock.yaml generated
View File

@@ -7,7 +7,7 @@ settings:
overrides:
minimatch: ^10.2.3
rollup: 4.60.1
basic-ftp: 5.2.1
basic-ftp: '>=5.2.2'
serialize-javascript: ^7.0.5
flatted: ^3.4.1
@@ -3346,8 +3346,8 @@ packages:
engines: {node: '>=6.0.0'}
hasBin: true
basic-ftp@5.2.1:
resolution: {integrity: sha512-0yaL8JdxTknKDILitVpfYfV2Ob6yb3udX/hK97M7I3jOeznBNxQPtVvTUtnhUkyHlxFWyr5Lvknmgzoc7jf+1Q==}
basic-ftp@5.2.2:
resolution: {integrity: sha512-1tDrzKsdCg70WGvbFss/ulVAxupNauGnOlgpyjKzeQxzyllBLS0CGLV7tjIXTK3ZQA9/FBEm9qyFFN1bciA6pw==}
engines: {node: '>=10.0.0'}
bidi-js@1.0.3:
@@ -4155,8 +4155,8 @@ packages:
'@nuxt/kit':
optional: true
follow-redirects@1.15.11:
resolution: {integrity: sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==}
follow-redirects@1.16.0:
resolution: {integrity: sha512-y5rN/uOsadFT/JfYwhxRS5R7Qce+g3zG97+JrtFZlC9klX/W5hD7iiLzScI4nZqUS7DNUdhPgw4xI8W2LuXlUw==}
engines: {node: '>=4.0'}
peerDependencies:
debug: '*'
@@ -10064,7 +10064,7 @@ snapshots:
axios@1.15.0:
dependencies:
follow-redirects: 1.15.11
follow-redirects: 1.16.0
form-data: 4.0.5
proxy-from-env: 2.1.0
transitivePeerDependencies:
@@ -10127,7 +10127,7 @@ snapshots:
baseline-browser-mapping@2.10.12: {}
basic-ftp@5.2.1: {}
basic-ftp@5.2.2: {}
bidi-js@1.0.3:
dependencies:
@@ -11047,7 +11047,7 @@ snapshots:
vue: 3.5.27(typescript@5.9.3)
vue-resize: 2.0.0-alpha.1(vue@3.5.27(typescript@5.9.3))
follow-redirects@1.15.11: {}
follow-redirects@1.16.0: {}
for-each@0.3.3:
dependencies:
@@ -11140,7 +11140,7 @@ snapshots:
get-uri@6.0.4:
dependencies:
basic-ftp: 5.2.1
basic-ftp: 5.2.2
data-uri-to-buffer: 6.0.2
debug: 4.4.3
transitivePeerDependencies: