mirror of
https://github.com/graphql-hive/console
synced 2026-04-21 14:37:17 +00:00
chore: update vulnerabilities 2026-04-09 (#7961)
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
parent
77d6063512
commit
40fd27d9c0
6 changed files with 40 additions and 16 deletions
6
.changeset/bright-buses-say.md
Normal file
6
.changeset/bright-buses-say.md
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
'hive': patch
|
||||
---
|
||||
|
||||
Update [`nodemailer`](https://github.com/nodemailer/nodemailer) to address vulnerability
|
||||
[GHSA-vvjj-xcjg-gr5g](https://github.com/advisories/GHSA-vvjj-xcjg-gr5g).
|
||||
6
.changeset/stale-cooks-talk.md
Normal file
6
.changeset/stale-cooks-talk.md
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
'hive': patch
|
||||
---
|
||||
|
||||
Update [`opentelemetry-go`](https://github.com/open-telemetry/opentelemetry-go) to address vulnerability
|
||||
[CVE-2026-39883](https://github.com/advisories/GHSA-hfvc-g4fc-pqhx).
|
||||
|
|
@ -12,8 +12,8 @@ require (
|
|||
go.opentelemetry.io/collector/extension v1.53.0
|
||||
go.opentelemetry.io/collector/extension/extensionauth v1.53.0
|
||||
go.opentelemetry.io/collector/extension/extensiontest v0.147.0
|
||||
go.opentelemetry.io/otel v1.40.0
|
||||
go.opentelemetry.io/otel/metric v1.40.0
|
||||
go.opentelemetry.io/otel v1.43.0
|
||||
go.opentelemetry.io/otel/metric v1.43.0
|
||||
go.uber.org/goleak v1.3.0
|
||||
go.uber.org/zap v1.27.1
|
||||
golang.org/x/sync v0.19.0
|
||||
|
|
@ -41,13 +41,13 @@ require (
|
|||
go.opentelemetry.io/collector/featuregate v1.53.0 // indirect
|
||||
go.opentelemetry.io/collector/internal/componentalias v0.147.0 // indirect
|
||||
go.opentelemetry.io/collector/pdata v1.53.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.40.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk/metric v1.40.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.40.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.43.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.43.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
go.yaml.in/yaml/v3 v3.0.4 // indirect
|
||||
golang.org/x/net v0.51.0 // indirect
|
||||
golang.org/x/sys v0.41.0 // indirect
|
||||
golang.org/x/sys v0.42.0 // indirect
|
||||
golang.org/x/text v0.34.0 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
|
||||
google.golang.org/grpc v1.79.3 // indirect
|
||||
|
|
|
|||
|
|
@ -79,14 +79,24 @@ go.opentelemetry.io/collector/pdata v1.53.0 h1:DlYDbRwammEZaxDZHINx5v0n8SEOVNniP
|
|||
go.opentelemetry.io/collector/pdata v1.53.0/go.mod h1:LRSYGNjKXaUrZEwZv3Yl+8/zV2HmRGKXW62zB2bysms=
|
||||
go.opentelemetry.io/otel v1.40.0 h1:oA5YeOcpRTXq6NN7frwmwFR0Cn3RhTVZvXsP4duvCms=
|
||||
go.opentelemetry.io/otel v1.40.0/go.mod h1:IMb+uXZUKkMXdPddhwAHm6UfOwJyh4ct1ybIlV14J0g=
|
||||
go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
|
||||
go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
|
||||
go.opentelemetry.io/otel/metric v1.40.0 h1:rcZe317KPftE2rstWIBitCdVp89A2HqjkxR3c11+p9g=
|
||||
go.opentelemetry.io/otel/metric v1.40.0/go.mod h1:ib/crwQH7N3r5kfiBZQbwrTge743UDc7DTFVZrrXnqc=
|
||||
go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
|
||||
go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
|
||||
go.opentelemetry.io/otel/sdk v1.40.0 h1:KHW/jUzgo6wsPh9At46+h4upjtccTmuZCFAc9OJ71f8=
|
||||
go.opentelemetry.io/otel/sdk v1.40.0/go.mod h1:Ph7EFdYvxq72Y8Li9q8KebuYUr2KoeyHx0DRMKrYBUE=
|
||||
go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
|
||||
go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.40.0 h1:mtmdVqgQkeRxHgRv4qhyJduP3fYJRMX4AtAlbuWdCYw=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.40.0/go.mod h1:4Z2bGMf0KSK3uRjlczMOeMhKU2rhUqdWNoKcYrtcBPg=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A=
|
||||
go.opentelemetry.io/otel/trace v1.40.0 h1:WA4etStDttCSYuhwvEa8OP8I5EWu24lkOzp+ZYblVjw=
|
||||
go.opentelemetry.io/otel/trace v1.40.0/go.mod h1:zeAhriXecNGP/s2SEG3+Y8X9ujcJOTqQ5RgdEJcawiA=
|
||||
go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
|
||||
go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
|
||||
go.opentelemetry.io/proto/slim/otlp v1.9.0 h1:fPVMv8tP3TrsqlkH1HWYUpbCY9cAIemx184VGkS6vlE=
|
||||
go.opentelemetry.io/proto/slim/otlp v1.9.0/go.mod h1:xXdeJJ90Gqyll+orzUkY4bOd2HECo5JofeoLpymVqdI=
|
||||
go.opentelemetry.io/proto/slim/otlp/collector/profiles/v1development v0.2.0 h1:o13nadWDNkH/quoDomDUClnQBpdQQ2Qqv0lQBjIXjE8=
|
||||
|
|
@ -107,6 +117,8 @@ golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
|
|||
golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
|
||||
golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
|
||||
golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
|
||||
golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
|
||||
golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
|
||||
golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
|
||||
golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b h1:Mv8VFug0MP9e5vUxfBcE3vUkV6CImK3cMNMIDFjmzxU=
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
"graphql-yoga": "5.13.3",
|
||||
"ioredis": "5.8.2",
|
||||
"mjml": "4.14.0",
|
||||
"nodemailer": "8.0.4",
|
||||
"nodemailer": "8.0.5",
|
||||
"sendmail": "1.6.1",
|
||||
"zod": "3.25.76"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2052,8 +2052,8 @@ importers:
|
|||
specifier: 4.14.0
|
||||
version: 4.14.0(encoding@0.1.13)
|
||||
nodemailer:
|
||||
specifier: 8.0.4
|
||||
version: 8.0.4
|
||||
specifier: 8.0.5
|
||||
version: 8.0.5
|
||||
sendmail:
|
||||
specifier: 1.6.1
|
||||
version: 1.6.1
|
||||
|
|
@ -11073,8 +11073,8 @@ packages:
|
|||
resolution: {integrity: sha512-ZCQ9GEWl73BVm8bu5Fts8nt7MHdbt5vY9bP6WGnUh+r3l8M7CgfyTlwsgCbMC66BNxPr6Xoce3j66Ms5YUQTNA==}
|
||||
hasBin: true
|
||||
|
||||
basic-ftp@5.2.0:
|
||||
resolution: {integrity: sha512-VoMINM2rqJwJgfdHq6RiUudKt2BV+FY5ZFezP/ypmwayk68+NzzAQy4XXLlqsGD4MCzq3DrmNFD/uUmBJuGoXw==}
|
||||
basic-ftp@5.2.1:
|
||||
resolution: {integrity: sha512-0yaL8JdxTknKDILitVpfYfV2Ob6yb3udX/hK97M7I3jOeznBNxQPtVvTUtnhUkyHlxFWyr5Lvknmgzoc7jf+1Q==}
|
||||
engines: {node: '>=10.0.0'}
|
||||
|
||||
bcp-47-match@2.0.3:
|
||||
|
|
@ -15649,8 +15649,8 @@ packages:
|
|||
nodemailer-shared@1.1.0:
|
||||
resolution: {integrity: sha512-68xW5LSyPWv8R0GLm6veAvm7E+XFXkVgvE3FW0FGxNMMZqMkPFeGDVALfR1DPdSfcoO36PnW7q5AAOgFImEZGg==}
|
||||
|
||||
nodemailer@8.0.4:
|
||||
resolution: {integrity: sha512-k+jf6N8PfQJ0Fe8ZhJlgqU5qJU44Lpvp2yvidH3vp1lPnVQMgi4yEEMPXg5eJS1gFIJTVq1NHBk7Ia9ARdSBdQ==}
|
||||
nodemailer@8.0.5:
|
||||
resolution: {integrity: sha512-0PF8Yb1yZuQfQbq+5/pZJrtF6WQcjTd5/S4JOHs9PGFxuTqoB/icwuB44pOdURHJbRKX1PPoJZtY7R4VUoCC8w==}
|
||||
engines: {node: '>=6.0.0'}
|
||||
|
||||
noms@0.0.0:
|
||||
|
|
@ -32192,7 +32192,7 @@ snapshots:
|
|||
|
||||
baseline-browser-mapping@2.9.4: {}
|
||||
|
||||
basic-ftp@5.2.0: {}
|
||||
basic-ftp@5.2.1: {}
|
||||
|
||||
bcp-47-match@2.0.3: {}
|
||||
|
||||
|
|
@ -34781,7 +34781,7 @@ snapshots:
|
|||
|
||||
get-uri@6.0.5:
|
||||
dependencies:
|
||||
basic-ftp: 5.2.0
|
||||
basic-ftp: 5.2.1
|
||||
data-uri-to-buffer: 6.0.2
|
||||
debug: 4.4.3(supports-color@8.1.1)
|
||||
transitivePeerDependencies:
|
||||
|
|
@ -38000,7 +38000,7 @@ snapshots:
|
|||
dependencies:
|
||||
nodemailer-fetch: 1.6.0
|
||||
|
||||
nodemailer@8.0.4: {}
|
||||
nodemailer@8.0.5: {}
|
||||
|
||||
noms@0.0.0:
|
||||
dependencies:
|
||||
|
|
|
|||
Loading…
Reference in a new issue