This is an automated email from the ASF dual-hosted git repository.

tuhaihe pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudberry-site.git


The following commit(s) were added to refs/heads/main by this push:
     new c5cf7efa11 Add npm overrides for vulnerable transitive packages
c5cf7efa11 is described below

commit c5cf7efa11b32ba7411cc4a0755532bba7822227
Author: Arpit Jain <[email protected]>
AuthorDate: Tue May 12 12:48:59 2026 +0000

    Add npm overrides for vulnerable transitive packages
    
    Signed-off-by: Arpit Jain <[email protected]>
---
 package-lock.json | 31 ++++++++++---------------------
 package.json      |  4 ++++
 2 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b1cd3e522c..bd4999d6f7 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7514,11 +7514,6 @@
       "resolved": "https://registry.npmmirror.com/ms/-/ms-2.0.0.tgz";,
       "integrity": 
"sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
     },
-    "node_modules/express/node_modules/path-to-regexp": {
-      "version": "0.1.10",
-      "resolved": 
"https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.10.tgz";,
-      "integrity": 
"sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w=="
-    },
     "node_modules/express/node_modules/range-parser": {
       "version": "1.2.1",
       "resolved": 
"https://registry.npmmirror.com/range-parser/-/range-parser-1.2.1.tgz";,
@@ -11088,9 +11083,10 @@
       "integrity": 
"sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw=="
     },
     "node_modules/path-to-regexp": {
-      "version": "1.8.0",
-      "resolved": 
"https://registry.npmmirror.com/path-to-regexp/-/path-to-regexp-1.8.0.tgz";,
-      "integrity": 
"sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA==",
+      "version": "1.9.0",
+      "resolved": 
"https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.9.0.tgz";,
+      "integrity": 
"sha512-xIp7/apCFJuUHdDLWe8O1HIkb0kQrOMb/0u6FXQjemHn/ii5LrIzU6bdECnsiTF/GjZkMEKg1xdiZwNqDYlZ6g==",
+      "license": "MIT",
       "dependencies": {
         "isarray": "0.0.1"
       }
@@ -11933,14 +11929,6 @@
         "node": ">=10"
       }
     },
-    "node_modules/randombytes": {
-      "version": "2.1.0",
-      "resolved": 
"https://registry.npmmirror.com/randombytes/-/randombytes-2.1.0.tgz";,
-      "integrity": 
"sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==",
-      "dependencies": {
-        "safe-buffer": "^5.1.0"
-      }
-    },
     "node_modules/range-parser": {
       "version": "1.2.0",
       "resolved": 
"https://registry.npmmirror.com/range-parser/-/range-parser-1.2.0.tgz";,
@@ -12945,11 +12933,12 @@
       }
     },
     "node_modules/serialize-javascript": {
-      "version": "6.0.1",
-      "resolved": 
"https://registry.npmmirror.com/serialize-javascript/-/serialize-javascript-6.0.1.tgz";,
-      "integrity": 
"sha512-owoXEFjWRllis8/M1Q+Cw5k8ZH40e3zhp/ovX+Xr/vi1qj6QesbyXXViFbpNvWvPNAD62SutwEXavefrLJWj7w==",
-      "dependencies": {
-        "randombytes": "^2.1.0"
+      "version": "7.0.5",
+      "resolved": 
"https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-7.0.5.tgz";,
+      "integrity": 
"sha512-F4LcB0UqUl1zErq+1nYEEzSHJnIwb3AF2XWB94b+afhrekOUijwooAYqFyRbjYkm2PAKBabx6oYv/xDxNi8IBw==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=20.0.0"
       }
     },
     "node_modules/serve-handler": {
diff --git a/package.json b/package.json
index 3ad6e7254d..d2b8e10bc3 100644
--- a/package.json
+++ b/package.json
@@ -53,5 +53,9 @@
   },
   "engines": {
     "node": ">=18.0"
+  },
+  "overrides": {
+    "path-to-regexp": "1.9.0",
+    "serialize-javascript": "7.0.5"
   }
 }


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to