From 4bf73f63f49dd0080b8e8835754ab8c30bb064fa Mon Sep 17 00:00:00 2001 From: Ubbe Date: Mon, 7 Jul 2025 23:03:08 +0400 Subject: [PATCH] fix(frontend): vulnerability dep (#10319) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Changes 🏗️ `pbkdf2` should be on `3.1.3` to address [this alert](https://github.com/Significant-Gravitas/AutoGPT/security/dependabot/343). ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] pnpm installs work ### For configuration changes: None --- autogpt_platform/frontend/package.json | 1 + autogpt_platform/frontend/pnpm-lock.yaml | 25 ++++-------------------- 2 files changed, 5 insertions(+), 21 deletions(-) diff --git a/autogpt_platform/frontend/package.json b/autogpt_platform/frontend/package.json index c51fa60c41..e9ce1b1c1f 100644 --- a/autogpt_platform/frontend/package.json +++ b/autogpt_platform/frontend/package.json @@ -121,6 +121,7 @@ "msw": "2.10.2", "msw-storybook-addon": "2.0.5", "orval": "7.10.0", + "pbkdf2": "3.1.3", "postcss": "8.5.6", "prettier": "3.6.2", "prettier-plugin-tailwindcss": "0.6.13", diff --git a/autogpt_platform/frontend/pnpm-lock.yaml b/autogpt_platform/frontend/pnpm-lock.yaml index 64b4f0a29c..d85054defb 100644 --- a/autogpt_platform/frontend/pnpm-lock.yaml +++ b/autogpt_platform/frontend/pnpm-lock.yaml @@ -288,6 +288,9 @@ importers: orval: specifier: 7.10.0 version: 7.10.0(openapi-types@12.1.3) + pbkdf2: + specifier: 3.1.3 + version: 3.1.3 postcss: specifier: 8.5.6 version: 8.5.6 @@ -3812,11 +3815,6 @@ packages: create-hmac@1.1.7: resolution: {integrity: sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg==} - create-jest@29.7.0: - resolution: {integrity: sha512-Adz2bdH0Vq3F53KEMJOoftQFutWCukm6J24wbPWRO4k1kMY7gS7ds/uoJkNuV8wDCtWWnuwGcJwpWcih+zEW1Q==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - hasBin: true - cross-env@7.0.3: resolution: {integrity: sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==} engines: {node: '>=10.14', npm: '>=6', yarn: '>=1'} @@ -11175,7 +11173,7 @@ snapshots: dependencies: cipher-base: 1.0.6 inherits: 2.0.4 - ripemd160: 2.0.1 + ripemd160: 2.0.2 sha.js: 2.4.11 create-hash@1.2.0: @@ -11195,21 +11193,6 @@ snapshots: safe-buffer: 5.2.1 sha.js: 2.4.11 - create-jest@29.7.0(@types/node@22.15.30): - dependencies: - '@jest/types': 29.6.3 - chalk: 4.1.2 - exit: 0.1.2 - graceful-fs: 4.2.11 - jest-config: 29.7.0(@types/node@22.15.30) - jest-util: 29.7.0 - prompts: 2.4.2 - transitivePeerDependencies: - - '@types/node' - - babel-plugin-macros - - supports-color - - ts-node - cross-env@7.0.3: dependencies: cross-spawn: 7.0.6