mirror of
https://github.com/tiennm99/litellm.git
synced 2026-06-28 01:09:48 +00:00
Ishaan Jaff
2acc5cc457
* fix(security): fix CVE-2025-69873 and CVE-2026-26996 in docs dependencies Use npm overrides to pin patched versions: - ajv@6.12.6 → 6.14.0 (fixes ReDoS CVE-2025-69873) - ajv@8.17.1 → 8.18.0 (fixes ReDoS CVE-2025-69873) - minimatch@3.1.2 → 10.2.1 (fixes DoS CVE-2026-26996) serve-handler only calls minimatch(path, pattern) so the 3.x→10.x upgrade is safe. * fix(ruff): add missing Set and Dict imports to fix F821 errors * fix(security): scope ajv overrides to avoid top-level version conflict Replacing global 'ajv: 8.18.0' override with scoped 'schema-utils@4' override. The global override conflicted with the nested file-loader/ null-loader/url-loader overrides, causing npm to install ajv@6 at the top level where ajv-keywords@5.x requires ajv@8 (ajv/dist/compile/codegen). Now: - schema-utils@3 + loaders → ajv@6.14.0 (safe minor bump) - schema-utils@4 → ajv@8.18.0 (safe minor bump) - top-level ajv unmodified (stays at 8.x for ajv-keywords@5) * fix(security): allowlist minimatch and tar CVEs from nodejs_wheel, bump tar override to >=7.5.8
86 lines
2.1 KiB
JSON
86 lines
2.1 KiB
JSON
{
|
|
"name": "my-website",
|
|
"version": "0.0.0",
|
|
"private": true,
|
|
"scripts": {
|
|
"docusaurus": "docusaurus",
|
|
"start": "docusaurus start",
|
|
"build": "docusaurus build",
|
|
"swizzle": "docusaurus swizzle",
|
|
"deploy": "docusaurus deploy",
|
|
"clear": "docusaurus clear",
|
|
"serve": "docusaurus serve",
|
|
"write-translations": "docusaurus write-translations",
|
|
"write-heading-ids": "docusaurus write-heading-ids"
|
|
},
|
|
"dependencies": {
|
|
"@docusaurus/core": "3.8.1",
|
|
"@docusaurus/plugin-google-gtag": "3.8.1",
|
|
"@docusaurus/plugin-ideal-image": "3.8.1",
|
|
"@docusaurus/preset-classic": "3.8.1",
|
|
"@docusaurus/theme-mermaid": "3.8.1",
|
|
"@inkeep/cxkit-docusaurus": "^0.5.89",
|
|
"@mdx-js/react": "^3.0.0",
|
|
"clsx": "^1.2.1",
|
|
"prism-react-renderer": "^1.3.5",
|
|
"react": "^18.0.0 || ^19.0.0",
|
|
"react-dom": "^18.0.0 || ^19.0.0",
|
|
"sharp": "^0.32.6",
|
|
"uuid": "^9.0.1"
|
|
},
|
|
"devDependencies": {
|
|
"@docusaurus/module-type-aliases": "3.8.1",
|
|
"dotenv": "^16.4.5"
|
|
},
|
|
"browserslist": {
|
|
"production": [
|
|
">0.5%",
|
|
"not dead",
|
|
"not op_mini all"
|
|
],
|
|
"development": [
|
|
"last 1 chrome version",
|
|
"last 1 firefox version",
|
|
"last 1 safari version"
|
|
]
|
|
},
|
|
"engines": {
|
|
"node": ">=16.14",
|
|
"npm": ">=8.3.0"
|
|
},
|
|
"resolutions": {
|
|
"webpack-dev-server": ">=5.2.1",
|
|
"form-data": ">=4.0.4",
|
|
"mermaid": ">=11.10.0",
|
|
"gray-matter": "4.0.3",
|
|
"node-forge": ">=1.3.2"
|
|
},
|
|
"overrides": {
|
|
"webpack-dev-server": ">=5.2.1",
|
|
"form-data": ">=4.0.4",
|
|
"mermaid": ">=11.10.0",
|
|
"gray-matter": "4.0.3",
|
|
"glob": ">=11.1.0",
|
|
"tar": ">=7.5.8",
|
|
"@isaacs/brace-expansion": ">=5.0.1",
|
|
"node-forge": ">=1.3.2",
|
|
"mdast-util-to-hast": ">=13.2.1",
|
|
"lodash-es": ">=4.17.23",
|
|
"schema-utils@3": {
|
|
"ajv": "6.14.0"
|
|
},
|
|
"schema-utils@4": {
|
|
"ajv": "8.18.0"
|
|
},
|
|
"file-loader": {
|
|
"ajv": "6.14.0"
|
|
},
|
|
"null-loader": {
|
|
"ajv": "6.14.0"
|
|
},
|
|
"url-loader": {
|
|
"ajv": "6.14.0"
|
|
},
|
|
"minimatch": "10.2.1"
|
|
}
|
|
} |