Commit 731bb79
authored
UID2-7491: bump websocket-driver to 0.7.5 (CVE-2026-54466) (#200)
Add an npm overrides entry ("websocket-driver": "^0.7.5") to the two
affected React example projects and regenerate their package-lock.json,
upgrading websocket-driver 0.7.4 -> 0.7.5 to resolve CVE-2026-54466
(CRITICAL). websocket-driver is a dev-only transitive dependency
(webpack-dev-server hot reload); the deployed examples are static builds,
so the attack vector is not reachable in production.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Ticket: UID2-7491
Branch: syw-UID2-7491-websocket-driver1 parent ac5666f commit 731bb79
4 files changed
Lines changed: 10 additions & 8 deletions
File tree
- web-integrations
- google-secure-signals/react-client-side
- javascript-sdk/react-client-side
Lines changed: 3 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
41 | 41 | | |
42 | 42 | | |
43 | 43 | | |
44 | | - | |
| 44 | + | |
| 45 | + | |
45 | 46 | | |
46 | 47 | | |
47 | 48 | | |
| |||
Lines changed: 3 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
41 | 41 | | |
42 | 42 | | |
43 | 43 | | |
44 | | - | |
| 44 | + | |
| 45 | + | |
45 | 46 | | |
46 | 47 | | |
47 | 48 | | |
| |||
0 commit comments