Skip to content

Commit

Permalink
Address CVEs
Browse files Browse the repository at this point in the history 
This updates:
- nanoid (JavaScript) (CVE-2024-55565)
- path-to-regexp (JavaScript) (CVE-2024-52798)
- golang.org/x/net (Go) (CVE-2024-45338)

This also updates to Node.js 22.

Many of the CVEs addressed are not in the delivered product, but it can
help to avoid false positives from CVE scanners and avoid CVEs during
development.

Relates:
https://issues.redhat.com/browse/RHOAIENG-17816

Signed-off-by: mprahl <mprahl@users.noreply.github.com>
  • Loading branch information
@mprahl
mprahl committed Jan 15, 2025
1 parent 2969fca commit 453c617
Show file tree
Hide file tree
Showing 14 changed files with 7,856 additions and 6,940 deletions.
5 changes: 2 additions & 3 deletions api/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,11 @@ go 1.16

require (
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1
google.golang.org/protobuf v1.30.0
google.golang.org/protobuf v1.33.0
)

replace (
github.com/mattn/go-sqlite3 => github.com/mattn/go-sqlite3 v1.14.18
golang.org/x/net => golang.org/x/net v0.17.0
golang.org/x/net v0.17.0 => golang.org/x/net v0.23.0
golang.org/x/net => golang.org/x/net v0.33.0
google.golang.org/grpc => google.golang.org/grpc v1.56.3
)
29 changes: 22 additions & 7 deletions api/go.sum
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion frontend/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:18.18.2 as build
FROM node:22.13 as build

ARG COMMIT_HASH
ENV COMMIT_HASH=${COMMIT_HASH}
Expand Down
38 changes: 23 additions & 15 deletions frontend/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions frontend/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,12 @@
"resolutions": {
"workbox-webpack-plugin": "6.6.0"
},
"overrides": {
"nanoid": "3.3.8",
"express": {
"path-to-regexp": "0.1.12"
}
},
"homepage": "./",
"jest": {
"collectCoverageFrom": [
Expand Down
Loading

0 comments on commit 453c617

Please sign in to comment.