diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index dff5dc4a..d901068d 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -39,7 +39,7 @@ jobs: cache-dependency-path: pnpm-lock.yaml - name: Install dependencies - run: pnpm install + run: pnpm install --frozen-lockfile - name: Check run: pnpm run check @@ -100,7 +100,7 @@ jobs: cache-dependency-path: pnpm-lock.yaml - name: Install dependencies - run: pnpm install + run: pnpm install --frozen-lockfile - name: Run Playwright tests run: pnpm run test:e2e --shard=${{ matrix.shard }}/3 diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 5eeb72bd..089255c9 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -4,6 +4,11 @@ settings: autoInstallPeers: true excludeLinksFromLockfile: false +overrides: + protobufjs: '>=7.5.5' + tar: '>=7.5.13' + dompurify: '>=3.4.0' + patchedDependencies: '@braintree/sanitize-url@7.1.2': hash: 74e2e7d501bbd370f1be1835a3907a7ab1281616bfb77ec2ed3d7cd014afae59 @@ -2100,11 +2105,8 @@ packages: discontinuous-range@1.0.0: resolution: {integrity: sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ==} - dompurify@3.2.7: - resolution: {integrity: sha512-WhL/YuveyGXJaerVlMYGWhvQswa7myDG17P7Vu65EWC05o8vfeNbvNf4d/BOvH99+ZW+LlQsc1GDKMa1vNK6dw==} - - dompurify@3.3.3: - resolution: {integrity: sha512-Oj6pzI2+RqBfFG+qOaOLbFXLQ90ARpcGG6UePL82bJLtdsa6CYJD7nmiU8MW9nQNOtCHV3lZ/Bzq1X0QYbBZCA==} + dompurify@3.4.1: + resolution: {integrity: sha512-JahakDAIg1gyOm7dlgWSDjV4n7Ip2PKR55NIT6jrMfIgLFgWo81vdr1/QGqWtFNRqXP9UV71oVePtjqS2ebnPw==} dot-case@3.0.4: resolution: {integrity: sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w==} @@ -2935,11 +2937,6 @@ packages: typescript: optional: true - mkdirp@3.0.1: - resolution: {integrity: sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==} - engines: {node: '>=10'} - hasBin: true - mlly@1.8.2: resolution: {integrity: sha512-d+ObxMQFmbt10sretNDytwt85VrbkhhUA/JBGm1MPaWJ65Cl4wOgLaB1NYvJSZ0Ef03MMEU/0xpPMXUIQ29UfA==} @@ -3283,8 +3280,8 @@ packages: property-information@7.1.0: resolution: {integrity: sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ==} - protobufjs@7.5.4: - resolution: {integrity: sha512-CvexbZtbov6jW2eXAvLukXjXUW1TzFaivC46BpWc/3BpcCysb5Vffu+B3XHMm8lVEuy2Mm4XGex8hBSg1yapPg==} + protobufjs@8.0.1: + resolution: {integrity: sha512-NWWCCscLjs+cOKF/s/XVNFRW7Yih0fdH+9brffR5NZCy8k42yRdl5KlWKMVXuI1vfCoy4o1z80XR/W/QUb3V3w==} engines: {node: '>=12.0.0'} proxy-addr@2.0.7: @@ -3610,10 +3607,9 @@ packages: resolution: {integrity: sha512-1MOpMXuhGzGL5TTCZFItxCc0AARf1EZFQkGqMm7ERKj8+Hgr5oLvJOVFcC+lRmR8hCe2S3jC4T5D7Vg/d7/fhA==} engines: {node: '>=6'} - tar@7.2.0: - resolution: {integrity: sha512-hctwP0Nb4AB60bj8WQgRYaMOuJYRAPMGiQUAotms5igN8ppfQM+IvjQ5HcKu1MaZh2Wy2KWVTe563Yj8dfc14w==} + tar@7.5.13: + resolution: {integrity: sha512-tOG/7GyXpFevhXVh8jOPJrmtRpOTsYqUIkVdVooZYJS/z8WhfQUX8RJILmeuJNinGAMSu1veBr4asSHFt5/hng==} engines: {node: '>=18'} - deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me terser-webpack-plugin@5.4.0: resolution: {integrity: sha512-Bn5vxm48flOIfkdl5CaD2+1CiUVbonWQ3KQPyP7/EuIl9Gbzq/gQFOzaMFUEgVjB1396tcK0SG8XcNJ/2kDH8g==} @@ -4711,7 +4707,7 @@ snapshots: '@opentelemetry/sdk-logs': 0.208.0(@opentelemetry/api@1.9.1) '@opentelemetry/sdk-metrics': 2.2.0(@opentelemetry/api@1.9.1) '@opentelemetry/sdk-trace-base': 2.2.0(@opentelemetry/api@1.9.1) - protobufjs: 7.5.4 + protobufjs: 8.0.1 '@opentelemetry/resources@2.2.0(@opentelemetry/api@1.9.1)': dependencies: @@ -5985,11 +5981,7 @@ snapshots: discontinuous-range@1.0.0: {} - dompurify@3.2.7: - optionalDependencies: - '@types/trusted-types': 2.0.7 - - dompurify@3.3.3: + dompurify@3.4.1: optionalDependencies: '@types/trusted-types': 2.0.7 @@ -6845,7 +6837,7 @@ snapshots: d3-sankey: 0.12.3 dagre-d3-es: 7.0.14 dayjs: 1.11.20(patch_hash=47bfcf62e3c84ba85d881815422a02e23f372df46bddb9b022eb3705361fd165) - dompurify: 3.3.3 + dompurify: 3.4.1 katex: 0.16.45 khroma: 2.1.0 lodash-es: 4.18.1 @@ -7160,8 +7152,6 @@ snapshots: optionalDependencies: typescript: 5.9.3 - mkdirp@3.0.1: {} - mlly@1.8.2: dependencies: acorn: 8.16.0 @@ -7171,7 +7161,7 @@ snapshots: monaco-editor@0.55.1: dependencies: - dompurify: 3.2.7 + dompurify: 3.4.1 marked: 14.0.0 moo@0.5.3: {} @@ -7390,7 +7380,7 @@ snapshots: '@posthog/core': 1.25.2 '@posthog/types': 1.367.0 core-js: 3.49.0 - dompurify: 3.3.3 + dompurify: 3.4.1 fflate: 0.4.8 preact: 10.29.1 query-selector-shadow-dom: 1.0.1 @@ -7413,13 +7403,13 @@ snapshots: execa: 9.6.1 get-port: 7.2.0 http-proxy: 1.18.1 - tar: 7.2.0 + tar: 7.5.13 transitivePeerDependencies: - debug property-information@7.1.0: {} - protobufjs@7.5.4: + protobufjs@8.0.1: dependencies: '@protobufjs/aspromise': 1.1.2 '@protobufjs/base64': 1.1.2 @@ -7878,13 +7868,12 @@ snapshots: tapable@2.3.2: {} - tar@7.2.0: + tar@7.5.13: dependencies: '@isaacs/fs-minipass': 4.0.1 chownr: 3.0.0 minipass: 7.1.3 minizlib: 3.1.0 - mkdirp: 3.0.1 yallist: 5.0.0 terser-webpack-plugin@5.4.0(webpack@5.104.1): diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index fcfbc0f0..6514cb14 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -7,6 +7,8 @@ onlyBuiltDependencies: - core-js - es5-ext - esbuild + +ignoredBuiltDependencies: - protobufjs minimumReleaseAgeExclude: @@ -16,6 +18,11 @@ minimumReleaseAgeExclude: - ox - viem +overrides: + protobufjs: '>=7.5.5' + tar: '>=7.5.13' + dompurify: '>=3.4.0' + patchedDependencies: '@braintree/sanitize-url@7.1.2': patches/@braintree__sanitize-url@7.1.2.patch dayjs@1.11.20: patches/dayjs@1.11.20.patch