Skip to content

Commit 1ee64f1

Browse files
chargomechargome
authored
fix(deps): Bump mdast-util-to-hast to 13.2.1 (#19205)
- Bumps transitive dependency `mdast-util-to-hast` from `13.0.2` to `13.2.1` to fix CVE-2025-66400 (unsanitized class attribute in markdown code blocks) Ref: https://github.com/getsentry/sentry-javascript/security/dependabot/848
1 parent 11dc2e6 commit 1ee64f1

File tree

1 file changed

+27
-3
lines changed

1 file changed

+27
-3
lines changed

yarn.lock

Lines changed: 27 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22799,9 +22799,9 @@ mdast-util-to-hast@12.3.0, mdast-util-to-hast@^12.1.0:
2279922799
unist-util-visit "^4.0.0"
2280022800

2280122801
mdast-util-to-hast@^13.0.0:
22802-
version "13.0.2"
22803-
resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.0.2.tgz#74c0a9f014bb2340cae6118f6fccd75467792be7"
22804-
integrity sha512-U5I+500EOOw9e3ZrclN3Is3fRpw8c19SMyNZlZ2IS+7vLsNzb2Om11VpIVOR+/0137GhZsFEF6YiKD5+0Hr2Og==
22802+
version "13.2.1"
22803+
resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.2.1.tgz#d7ff84ca499a57e2c060ae67548ad950e689a053"
22804+
integrity sha512-cctsq2wp5vTsLIcaymblUriiTcZd0CwWtCbLvrOzYCDZoWyMNV8sZ7krj09FSnsiJi3WVsHLM4k6Dq/yaPyCXA==
2280522805
dependencies:
2280622806
"@types/hast" "^3.0.0"
2280722807
"@types/mdast" "^4.0.0"
@@ -22811,6 +22811,7 @@ mdast-util-to-hast@^13.0.0:
2281122811
trim-lines "^3.0.0"
2281222812
unist-util-position "^5.0.0"
2281322813
unist-util-visit "^5.0.0"
22814+
vfile "^6.0.0"
2281422815

2281522816
mdast-util-to-markdown@^1.0.0, mdast-util-to-markdown@^1.3.0:
2281622817
version "1.5.0"
@@ -31432,6 +31433,13 @@ unist-util-stringify-position@^3.0.0:
3143231433
dependencies:
3143331434
"@types/unist" "^2.0.0"
3143431435

31436+
unist-util-stringify-position@^4.0.0:
31437+
version "4.0.0"
31438+
resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-4.0.0.tgz#449c6e21a880e0855bf5aabadeb3a740314abac2"
31439+
integrity sha512-0ASV06AAoKCDkS2+xw5RXJywruurpbC4JZSm7nr7MOt1ojAzvyyaO+UxZf18j8FCF6kmzCZKcAgN/yu2gm2XgQ==
31440+
dependencies:
31441+
"@types/unist" "^3.0.0"
31442+
3143531443
unist-util-visit-children@^2.0.0:
3143631444
version "2.0.2"
3143731445
resolved "https://registry.yarnpkg.com/unist-util-visit-children/-/unist-util-visit-children-2.0.2.tgz#0f00a5caff567074568da2d89c54b5ee4a8c5440"
@@ -31851,6 +31859,14 @@ vfile-message@^3.0.0:
3185131859
"@types/unist" "^2.0.0"
3185231860
unist-util-stringify-position "^3.0.0"
3185331861

31862+
vfile-message@^4.0.0:
31863+
version "4.0.3"
31864+
resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-4.0.3.tgz#87b44dddd7b70f0641c2e3ed0864ba73e2ea8df4"
31865+
integrity sha512-QTHzsGd1EhbZs4AsQ20JX1rC3cOlt/IWJruk893DfLRr57lcnOeMaWG4K0JrRta4mIJZKth2Au3mM3u03/JWKw==
31866+
dependencies:
31867+
"@types/unist" "^3.0.0"
31868+
unist-util-stringify-position "^4.0.0"
31869+
3185431870
vfile@^5.0.0, vfile@^5.3.7:
3185531871
version "5.3.7"
3185631872
resolved "https://registry.yarnpkg.com/vfile/-/vfile-5.3.7.tgz#de0677e6683e3380fafc46544cfe603118826ab7"
@@ -31861,6 +31877,14 @@ vfile@^5.0.0, vfile@^5.3.7:
3186131877
unist-util-stringify-position "^3.0.0"
3186231878
vfile-message "^3.0.0"
3186331879

31880+
vfile@^6.0.0:
31881+
version "6.0.3"
31882+
resolved "https://registry.yarnpkg.com/vfile/-/vfile-6.0.3.tgz#3652ab1c496531852bf55a6bac57af981ebc38ab"
31883+
integrity sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q==
31884+
dependencies:
31885+
"@types/unist" "^3.0.0"
31886+
vfile-message "^4.0.0"
31887+
3186431888
vinxi@^0.5.11:
3186531889
version "0.5.11"
3186631890
resolved "https://registry.yarnpkg.com/vinxi/-/vinxi-0.5.11.tgz#be879f9521c85d621964028289e7d38f599d384a"

0 commit comments

Comments
 (0)