Commit 10b3308
committed
langfuse-3: update dependencies to remediate CVEs (#72417)
- CVE-2026-41242 / GHSA-xq3m-2v4x-88gg (Critical) - protobufjs 7.4.0, 7.5.4 -> ^7.5.5
- GHSA-q4gf-8mx6-v5v3 (High) - next 16.2.1 -> ^16.2.3
- GHSA-39q2-94rc-95cp (Medium) - dompurify 3.3.3 -> ^3.4.0
- GHSA-r4q5-vmmm-2653 (Medium) - follow-redirects 1.15.11 -> ^1.16.0
- CVE-2026-40190 / GHSA-fw9q-39r9-c252 (Medium) - langsmith 0.4.12 -> ^0.5.19
- GHSA-rr7j-v2q5-chgv (Medium) - langsmith 0.4.12 -> ^0.5.19
- CVE-2026-33532 / GHSA-48c2-rrv3-qjmp (Medium) - yaml 2.8.1 -> ^2.8.3
Signed-off-by: Brian Carey <brian.carey@chainguard.dev>
Export: b0fab1f4edfaa2138ee8b76161401f63c22ff5c41 parent 5f87f5d commit 10b3308
1 file changed
Lines changed: 13 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| |||
77 | 77 | | |
78 | 78 | | |
79 | 79 | | |
80 | | - | |
| 80 | + | |
81 | 81 | | |
82 | 82 | | |
83 | 83 | | |
| |||
104 | 104 | | |
105 | 105 | | |
106 | 106 | | |
107 | | - | |
| 107 | + | |
108 | 108 | | |
109 | 109 | | |
110 | 110 | | |
| |||
113 | 113 | | |
114 | 114 | | |
115 | 115 | | |
116 | | - | |
| 116 | + | |
| 117 | + | |
| 118 | + | |
| 119 | + | |
117 | 120 | | |
118 | 121 | | |
119 | 122 | | |
| |||
272 | 275 | | |
273 | 276 | | |
274 | 277 | | |
275 | | - | |
| 278 | + | |
| 279 | + | |
| 280 | + | |
| 281 | + | |
| 282 | + | |
| 283 | + | |
276 | 284 | | |
277 | 285 | | |
278 | 286 | | |
| |||
0 commit comments