fix(deps): patch follow-redirects and basic-ftp security vulnerabilities

Update follow-redirects to 1.16.0 (fixes auth header leak on cross-domain
redirects) and basic-ftp to 5.2.2 (fixes CRLF injection in FTP commands).
This commit is contained in:
kolaente 2026-04-14 20:49:42 +02:00
parent 0b45cff583
commit a1fbc277be
No known key found for this signature in database
GPG Key ID: F40E70337AB24C9B
2 changed files with 10 additions and 10 deletions

View File

@ -168,7 +168,7 @@
"overrides": { "overrides": {
"minimatch": "^10.2.3", "minimatch": "^10.2.3",
"rollup": "$rollup", "rollup": "$rollup",
"basic-ftp": "5.2.1", "basic-ftp": ">=5.2.2",
"serialize-javascript": "^7.0.5", "serialize-javascript": "^7.0.5",
"flatted": "^3.4.1" "flatted": "^3.4.1"
} }

View File

@ -7,7 +7,7 @@ settings:
overrides: overrides:
minimatch: ^10.2.3 minimatch: ^10.2.3
rollup: 4.60.1 rollup: 4.60.1
basic-ftp: 5.2.1 basic-ftp: '>=5.2.2'
serialize-javascript: ^7.0.5 serialize-javascript: ^7.0.5
flatted: ^3.4.1 flatted: ^3.4.1
@ -3346,8 +3346,8 @@ packages:
engines: {node: '>=6.0.0'} engines: {node: '>=6.0.0'}
hasBin: true hasBin: true
basic-ftp@5.2.1: basic-ftp@5.2.2:
resolution: {integrity: sha512-0yaL8JdxTknKDILitVpfYfV2Ob6yb3udX/hK97M7I3jOeznBNxQPtVvTUtnhUkyHlxFWyr5Lvknmgzoc7jf+1Q==} resolution: {integrity: sha512-1tDrzKsdCg70WGvbFss/ulVAxupNauGnOlgpyjKzeQxzyllBLS0CGLV7tjIXTK3ZQA9/FBEm9qyFFN1bciA6pw==}
engines: {node: '>=10.0.0'} engines: {node: '>=10.0.0'}
bidi-js@1.0.3: bidi-js@1.0.3:
@ -4155,8 +4155,8 @@ packages:
'@nuxt/kit': '@nuxt/kit':
optional: true optional: true
follow-redirects@1.15.11: follow-redirects@1.16.0:
resolution: {integrity: sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==} resolution: {integrity: sha512-y5rN/uOsadFT/JfYwhxRS5R7Qce+g3zG97+JrtFZlC9klX/W5hD7iiLzScI4nZqUS7DNUdhPgw4xI8W2LuXlUw==}
engines: {node: '>=4.0'} engines: {node: '>=4.0'}
peerDependencies: peerDependencies:
debug: '*' debug: '*'
@ -10064,7 +10064,7 @@ snapshots:
axios@1.15.0: axios@1.15.0:
dependencies: dependencies:
follow-redirects: 1.15.11 follow-redirects: 1.16.0
form-data: 4.0.5 form-data: 4.0.5
proxy-from-env: 2.1.0 proxy-from-env: 2.1.0
transitivePeerDependencies: transitivePeerDependencies:
@ -10127,7 +10127,7 @@ snapshots:
baseline-browser-mapping@2.10.12: {} baseline-browser-mapping@2.10.12: {}
basic-ftp@5.2.1: {} basic-ftp@5.2.2: {}
bidi-js@1.0.3: bidi-js@1.0.3:
dependencies: dependencies:
@ -11047,7 +11047,7 @@ snapshots:
vue: 3.5.27(typescript@5.9.3) vue: 3.5.27(typescript@5.9.3)
vue-resize: 2.0.0-alpha.1(vue@3.5.27(typescript@5.9.3)) vue-resize: 2.0.0-alpha.1(vue@3.5.27(typescript@5.9.3))
follow-redirects@1.15.11: {} follow-redirects@1.16.0: {}
for-each@0.3.3: for-each@0.3.3:
dependencies: dependencies:
@ -11140,7 +11140,7 @@ snapshots:
get-uri@6.0.4: get-uri@6.0.4:
dependencies: dependencies:
basic-ftp: 5.2.1 basic-ftp: 5.2.2
data-uri-to-buffer: 6.0.2 data-uri-to-buffer: 6.0.2
debug: 4.4.3 debug: 4.4.3
transitivePeerDependencies: transitivePeerDependencies: