Skip to content

Commit c43d344

Browse files
TheLastCicadaTheLastCicada
committed
fix: override ip-address to 10.1.1
Pin the vulnerable transitive dependency to the patched release while keeping express-rate-limit unchanged. This closes the advisory on v2-rc2 with the smallest dependency graph change.
1 parent 9e7897c commit c43d344

2 files changed

Lines changed: 4 additions & 38 deletions

File tree

package-lock.json

Lines changed: 3 additions & 38 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,7 @@
123123
"overrides": {
124124
"diff": "8.0.3",
125125
"esbuild": "0.27.3",
126+
"ip-address": "10.1.1",
126127
"tar": "7.5.13",
127128
"mocha": {
128129
"serialize-javascript": "7.0.5"

0 commit comments

Comments
 (0)