Skip to content

Commit e219e51

Browse files
ciaranjstintel
ciaranj
authored and
stintel
committed
Force override prismjs to 1.30.0 to mitigate vulnerability
The vulnerability: GHSA-x7hr-w5r2-h6wg The current package transitive dependency route looks like: [email protected] -> [email protected] -> [email protected] Even the latest version of react-syntax-highlighter (15.6.1) continues to depend on 1.27.0 so there's not a lot that can be done other than patching upstream. This commit also removes some overrides that were introduced during the nextjs update, that don't seem to be required.
1 parent c28a388 commit e219e51

File tree

2 files changed

+1
-11
lines changed

2 files changed

+1
-11
lines changed

package-lock.json

Lines changed: 0 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,6 @@
4747
"typescript": "4.8.4"
4848
},
4949
"overrides": {
50-
"@types/react": "19.1.0",
51-
"@types/react-dom": "19.1.1"
50+
"prismjs":"1.30.0"
5251
}
5352
}

0 commit comments

Comments
 (0)