security: resolve vulnerable tmp transitive dependency (#3379)

* security: override tmp to patched version

* chore: refresh nix pnpm deps hash

---------

Co-authored-by: Gateway <gateway@users.noreply.github.com>
Co-authored-by: a1chzt <chizblank@gmail.com>
This commit is contained in:
Gateway
2026-06-03 02:15:20 -07:00
committed by GitHub
parent 54fea36741
commit 13d4612f63
4 changed files with 9 additions and 6 deletions

View File

@@ -9,6 +9,6 @@
# 1. Temporarily set the consuming `hash = lib.fakeHash;`
# 2. Run the relevant nix build/flake check
# 3. Copy the expected hash printed by Nix into the matching field below
daemonHash = "sha256-nSMVyVSHfcXV5fLMXM3tfdQxZRb+FNF6P4iuJw/Z8Mo=";
webHash = "sha256-IlXE7iNoT/+mcVbtzhJdcP5fNs7Hk8AYZMxfJ33dXck=";
daemonHash = "sha256-cHVStKsh5vDiplA7QVCZuC9xbXKOoE7v7VfwX0A3Pes=";
webHash = "sha256-THVcqWm8iPpF65gBaV8/nK27ZjOwVJzsAAfVQZxN+As=";
}

View File

@@ -47,6 +47,7 @@
"postcss": "8.5.15",
"protobufjs": "8.4.0",
"qs": "6.15.2",
"tmp": "0.2.7",
"yaml": "2.9.0"
},
"onlyBuiltDependencies": [

9
pnpm-lock.yaml generated
View File

@@ -13,6 +13,7 @@ overrides:
postcss: 8.5.15
protobufjs: 8.4.0
qs: 6.15.2
tmp: 0.2.7
yaml: 2.9.0
importers:
@@ -4468,8 +4469,8 @@ packages:
tmp-promise@3.0.3:
resolution: {integrity: sha512-RwM7MoPojPxsOBYnyd2hy0bxtIlVrihNs9pj5SUvY8Zz1sQcQG2tG1hSr8PDxfgEB8RNKDhqbIlroIarSNDNsQ==}
tmp@0.2.5:
resolution: {integrity: sha512-voyz6MApa1rQGUxT3E+BK7/ROe8itEx7vD8/HEvt4xwXucvQ5G5oeEiHkmHZJuBO21RpOf+YYm9MOivj709jow==}
tmp@0.2.7:
resolution: {integrity: sha512-e0votIpp4Uo2AJYSzVHV6xCcawuiez3DzqDAbrTc3YxBkplN6e+dM13ZeIcZnDg/QpSuU2zfZ3rzwY8ukEnaXw==}
engines: {node: '>=14.14'}
toidentifier@1.0.1:
@@ -9435,9 +9436,9 @@ snapshots:
tmp-promise@3.0.3:
dependencies:
tmp: 0.2.5
tmp: 0.2.7
tmp@0.2.5: {}
tmp@0.2.7: {}
toidentifier@1.0.1: {}

View File

@@ -13,6 +13,7 @@ overrides:
postcss: 8.5.15
protobufjs: 8.4.0
qs: 6.15.2
tmp: 0.2.7
yaml: 2.9.0
onlyBuiltDependencies: