(airflow) branch main updated: Fix NPM security issues in FAB provider (#64308)

Fri, 27 Mar 2026 11:07:21 -0700 

This is an automated email from the ASF dual-hosted git repository.

vincbeck pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git


The following commit(s) were added to refs/heads/main by this push:
     new 40da4ae928e Fix NPM security issues in FAB provider (#64308)
40da4ae928e is described below

commit 40da4ae928eac636d9c9146de869767bf312d8c6
Author: Vincent <[email protected]>
AuthorDate: Fri Mar 27 15:07:05 2026 -0300

    Fix NPM security issues in FAB provider (#64308)
---
 .../fab/src/airflow/providers/fab/www/package.json |  5 +--
 .../src/airflow/providers/fab/www/pnpm-lock.yaml   | 37 ++++++++++------------
 2 files changed, 19 insertions(+), 23 deletions(-)

diff --git a/providers/fab/src/airflow/providers/fab/www/package.json 
b/providers/fab/src/airflow/providers/fab/www/package.json
index 04bc1651bfa..2a52b03bd2e 100644
--- a/providers/fab/src/airflow/providers/fab/www/package.json
+++ b/providers/fab/src/airflow/providers/fab/www/package.json
@@ -71,8 +71,9 @@
       "minimatch@>=10.0.0 <10.2.3": ">=10.2.3",
       "serialize-javascript@<=7.0.2": ">=7.0.3",
       "svgo@<4.0.1": ">=4.0.1",
-      "flatted@<3.4.0": ">=3.4.0",
-      "flatted@<=3.4.1": ">=3.4.2"
+      "flatted@<=3.4.1": ">=3.4.2",
+      "picomatch@<4.0.4": ">=4.0.4",
+      "brace-expansion@>=4.0.0 <5.0.5": ">=5.0.5"
     }
   },
   "resolutions": {
diff --git a/providers/fab/src/airflow/providers/fab/www/pnpm-lock.yaml 
b/providers/fab/src/airflow/providers/fab/www/pnpm-lock.yaml
index 92bbbdc7a1f..ef2846a2fad 100644
--- a/providers/fab/src/airflow/providers/fab/www/pnpm-lock.yaml
+++ b/providers/fab/src/airflow/providers/fab/www/pnpm-lock.yaml
@@ -9,8 +9,9 @@ overrides:
   minimatch@>=10.0.0 <10.2.3: '>=10.2.3'
   serialize-javascript@<=7.0.2: '>=7.0.3'
   svgo@<4.0.1: '>=4.0.1'
-  flatted@<3.4.0: '>=3.4.0'
   flatted@<=3.4.1: '>=3.4.2'
+  picomatch@<4.0.4: '>=4.0.4'
+  brace-expansion@>=4.0.0 <5.0.5: '>=5.0.5'
 
 importers:
 
@@ -967,8 +968,8 @@ packages:
   [email protected]:
     resolution: {integrity: 
sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==}
 
-  [email protected]:
-    resolution: {integrity: 
sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==}
+  [email protected]:
+    resolution: {integrity: 
sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==}
     engines: {node: 18 || 20 || >=22}
 
   [email protected]:
@@ -1302,7 +1303,7 @@ packages:
     resolution: {integrity: 
sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==}
     engines: {node: '>=12.0.0'}
     peerDependencies:
-      picomatch: ^3 || ^4
+      picomatch: '>=4.0.4'
     peerDependenciesMeta:
       picomatch:
         optional: true
@@ -1736,12 +1737,8 @@ packages:
   [email protected]:
     resolution: {integrity: 
sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==}
 
-  [email protected]:
-    resolution: {integrity: 
sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==}
-    engines: {node: '>=8.6'}
-
-  [email protected]:
-    resolution: {integrity: 
sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==}
+  [email protected]:
+    resolution: {integrity: 
sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
     engines: {node: '>=12'}
 
   [email protected]:
@@ -3393,7 +3390,7 @@ snapshots:
 
   [email protected]: {}
 
-  [email protected]:
+  [email protected]:
     dependencies:
       balanced-match: 4.0.4
 
@@ -3736,9 +3733,9 @@ snapshots:
     dependencies:
       reusify: 1.1.0
 
-  [email protected]([email protected]):
+  [email protected]([email protected]):
     optionalDependencies:
-      picomatch: 4.0.3
+      picomatch: 4.0.4
 
   [email protected]:
     dependencies:
@@ -3907,7 +3904,7 @@ snapshots:
       chalk: 4.1.2
       ci-info: 4.4.0
       graceful-fs: 4.2.11
-      picomatch: 4.0.3
+      picomatch: 4.0.4
 
   [email protected]:
     dependencies:
@@ -4015,7 +4012,7 @@ snapshots:
   [email protected]:
     dependencies:
       braces: 3.0.3
-      picomatch: 2.3.1
+      picomatch: 4.0.4
 
   [email protected]: {}
 
@@ -4031,7 +4028,7 @@ snapshots:
 
   [email protected]:
     dependencies:
-      brace-expansion: 5.0.4
+      brace-expansion: 5.0.5
 
   [email protected]([email protected])([email protected]):
     dependencies:
@@ -4112,9 +4109,7 @@ snapshots:
 
   [email protected]: {}
 
-  [email protected]: {}
-
-  [email protected]: {}
+  [email protected]: {}
 
   [email protected]:
     dependencies:
@@ -4563,8 +4558,8 @@ snapshots:
 
   [email protected]:
     dependencies:
-      fdir: 6.5.0([email protected])
-      picomatch: 4.0.3
+      fdir: 6.5.0([email protected])
+      picomatch: 4.0.4
 
   [email protected]:
     dependencies:

Reply via email to