vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-01 02:03:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: update dependency pins

Browse Source
This commit is contained in:
Peter Steinberger
2026-05-28 18:02:59 +01:00
parent 0311171350
commit c2c29588f4
22 changed files with 777 additions and 502 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/pre-commit/pnpm-audit-prod.mjs
View File

@@ -26,12 +26,12 @@ const IMPORTER_SECTIONS = ["dependencies", "optionalDependencies"];
const LOCAL_REFERENCE_PREFIXES = ["file:", "link:", "portal:", "workspace:"];
// GitHub's GHSA-3q49-cfcf-g5fm feed includes an overbroad ">=0" range alongside
// the compromised @mistralai/mistralai versions. Keep the production audit
// blocking for the compromised releases while allowing our pinned 2.2.1 lock.
// blocking for the compromised releases while allowing pinned safe locks.
const AUDIT_ADVISORY_VERSION_OVERRIDES = [
{
packageName: "@mistralai/mistralai",
advisoryIds: new Set(["1118204", "GHSA-3q49-cfcf-g5fm"]),
unaffectedVersions: new Set(["2.2.1"]),
unaffectedVersions: new Set(["2.2.1", "2.2.5"]),
},
];