Skip to content

Commit cfa3081

Browse files
cristipufuclaude
cristipufu
and
claude
committed
fix: bump rollup to 4.59.0 to fix CVE path traversal vulnerability
Resolves GitHub Dependabot alert for arbitrary file write via path traversal in rollup >= 4.0.0, < 4.59.0. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 92ed32c commit cfa3081

7 files changed

Lines changed: 265 additions & 260 deletions

File tree

src/uipath/dev/server/frontend/package-lock.json

Lines changed: 256 additions & 252 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/uipath/dev/server/frontend/package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,21 +9,22 @@
99
"preview": "vite preview"
1010
},
1111
"dependencies": {
12+
"@monaco-editor/react": "^4.7.0",
1213
"elkjs": "^0.11.0",
1314
"react": "^19.0.0",
1415
"react-dom": "^19.0.0",
1516
"react-markdown": "^10.1.0",
1617
"reactflow": "^11.11.4",
1718
"rehype-highlight": "^7.0.2",
1819
"remark-gfm": "^4.0.1",
19-
"@monaco-editor/react": "^4.7.0",
2020
"zustand": "^5.0.0"
2121
},
2222
"devDependencies": {
2323
"@tailwindcss/vite": "^4.0.0",
2424
"@types/react": "^19.0.0",
2525
"@types/react-dom": "^19.0.0",
2626
"@vitejs/plugin-react": "^4.3.0",
27+
"rollup": "^4.59.0",
2728
"tailwindcss": "^4.0.0",
2829
"typescript": "~5.7.0",
2930
"vite": "^6.0.0"

src/uipath/dev/server/static/assets/ChatPanel-DR8dCKHB.js renamed to src/uipath/dev/server/static/assets/ChatPanel-DiTmerW3.js

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/uipath/dev/server/static/assets/index-CzFU-Cnb.css

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)