This is an automated email from the ASF dual-hosted git repository.
baoyuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git
The following commit(s) were added to refs/heads/master by this push:
new 3a79f6a42 fix: resolve Dependabot security alerts for transitive
dependencies (#3364)
3a79f6a42 is described below
commit 3a79f6a42ae4bc220c913a522c361ea311758e7a
Author: Baoyuan <[email protected]>
AuthorDate: Fri Apr 3 16:53:57 2026 +0800
fix: resolve Dependabot security alerts for transitive dependencies (#3364)
---
package.json | 7 ++++++-
pnpm-lock.yaml | 56 ++++++++++++++++++++++++++++++--------------------------
2 files changed, 36 insertions(+), 27 deletions(-)
diff --git a/package.json b/package.json
index ee5b448f6..00345cf88 100644
--- a/package.json
+++ b/package.json
@@ -108,7 +108,12 @@
"diff": ">=8.0.3",
"@swc/core": "1.10.0",
"flatted": ">=3.4.2",
- "undici": ">=6.24.0"
+ "undici": ">=6.24.0",
+ "path-to-regexp": ">=8.4.0",
+ "brace-expansion": ">=5.0.5",
+ "anymatch>picomatch": "2.3.2",
+ "readdirp>picomatch": "2.3.2",
+ "picomatch": ">=4.0.4"
},
"onlyBuiltDependencies": [
"@swc/core",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index d91a11a7c..2243710dc 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -14,6 +14,11 @@ overrides:
'@swc/core': 1.10.0
flatted: '>=3.4.2'
undici: '>=6.24.0'
+ path-to-regexp: '>=8.4.0'
+ brace-expansion: '>=5.0.5'
+ anymatch>picomatch: 2.3.2
+ readdirp>picomatch: 2.3.2
+ picomatch: '>=4.0.4'
importers:
@@ -1885,8 +1890,8 @@ packages:
resolution: {integrity:
sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==}
engines: {node: '>=8'}
- [email protected]:
- resolution: {integrity:
sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==}
+ [email protected]:
+ resolution: {integrity:
sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==}
engines: {node: 18 || 20 || >=22}
[email protected]:
@@ -2367,7 +2372,7 @@ packages:
resolution: {integrity:
sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==}
engines: {node: '>=12.0.0'}
peerDependencies:
- picomatch: ^3 || ^4
+ picomatch: '>=4.0.4'
peerDependenciesMeta:
picomatch:
optional: true
@@ -3062,9 +3067,8 @@ packages:
[email protected]:
resolution: {integrity:
sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==}
- [email protected]:
- resolution: {integrity:
sha512-TdrF7fW9Rphjq4RjrW0Kp2AW0Ahwu9sRGTkS6bvDi0SCwZlEZYmcfDbEsTz8RVk0EHIS/Vd1bv3JhG+1xZuAyQ==}
- engines: {node: '>=16'}
+ [email protected]:
+ resolution: {integrity:
sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==}
[email protected]:
resolution: {integrity:
sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==}
@@ -3076,12 +3080,12 @@ packages:
[email protected]:
resolution: {integrity:
sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==}
- [email protected]:
- resolution: {integrity:
sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==}
+ [email protected]:
+ resolution: {integrity:
sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==}
engines: {node: '>=8.6'}
- [email protected]:
- resolution: {integrity:
sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==}
+ [email protected]:
+ resolution: {integrity:
sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
engines: {node: '>=12'}
[email protected]:
@@ -4351,7 +4355,7 @@ snapshots:
classnames: 2.5.1
lodash: 4.17.23
lodash-es: 4.17.23
- path-to-regexp: 8.2.0
+ path-to-regexp: 8.4.2
rc-resize-observer: 1.4.3([email protected]([email protected]))([email protected])
rc-util: 5.44.4([email protected]([email protected]))([email protected])
react: 19.1.0
@@ -5862,7 +5866,7 @@ snapshots:
[email protected]:
dependencies:
normalize-path: 3.0.0
- picomatch: 2.3.1
+ picomatch: 2.3.2
[email protected]: {}
@@ -5988,7 +5992,7 @@ snapshots:
[email protected]: {}
- [email protected]:
+ [email protected]:
dependencies:
balanced-match: 4.0.4
@@ -6609,9 +6613,9 @@ snapshots:
[email protected]: {}
- [email protected]([email protected]):
+ [email protected]([email protected]):
optionalDependencies:
- picomatch: 4.0.3
+ picomatch: 4.0.4
[email protected]:
dependencies:
@@ -7090,7 +7094,7 @@ snapshots:
[email protected]:
dependencies:
braces: 3.0.3
- picomatch: 2.3.1
+ picomatch: 4.0.4
[email protected]: {}
@@ -7104,7 +7108,7 @@ snapshots:
[email protected]:
dependencies:
- brace-expansion: 5.0.4
+ brace-expansion: 5.0.5
[email protected]: {}
@@ -7289,7 +7293,7 @@ snapshots:
[email protected]: {}
- [email protected]: {}
+ [email protected]: {}
[email protected]: {}
@@ -7297,9 +7301,9 @@ snapshots:
[email protected]: {}
- [email protected]: {}
+ [email protected]: {}
- [email protected]: {}
+ [email protected]: {}
[email protected]: {}
@@ -7851,7 +7855,7 @@ snapshots:
[email protected]:
dependencies:
- picomatch: 2.3.1
+ picomatch: 2.3.2
[email protected]:
dependencies:
@@ -8215,8 +8219,8 @@ snapshots:
[email protected]:
dependencies:
- fdir: 6.5.0([email protected])
- picomatch: 4.0.3
+ fdir: 6.5.0([email protected])
+ picomatch: 4.0.4
[email protected]:
dependencies:
@@ -8352,7 +8356,7 @@ snapshots:
dependencies:
'@jridgewell/remapping': 2.3.5
acorn: 8.16.0
- picomatch: 4.0.3
+ picomatch: 4.0.4
webpack-virtual-modules: 0.6.2
[email protected]:
@@ -8451,8 +8455,8 @@ snapshots:
[email protected](@types/[email protected])([email protected])([email protected]([email protected]))([email protected])([email protected]):
dependencies:
esbuild: 0.25.12
- fdir: 6.5.0([email protected])
- picomatch: 4.0.3
+ fdir: 6.5.0([email protected])
+ picomatch: 4.0.4
postcss: 8.5.8
rollup: 4.59.0
tinyglobby: 0.2.15
