openclarity / apiclarity

An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 
https://apiclarity.io
Apache License 2.0

Fix CVE-2024-37890, force use of jest 29.7.0 that fixes ws issue #408

Closed thelasttoto closed 3 months ago

thelasttoto commented 3 months ago

Fix CVE-2024-37890
Description: https://nvd.nist.gov/vuln/detail/CVE-2024-37890
Fix description: https://github.com/openclarity/apiclarity/security/dependabot/227 => Need "ws": ">=8.17.1"

With the fix:

axel@aldebaran:/media/sf_vmshared/apiclarity/src/ui$ npm ls ws
apiclarity@0.1.0 /media/sf_vmshared/apiclarity/src/ui
└─┬ react-scripts@5.0.1 overridden
  └─┬ webpack-dev-server@4.15.2
    └── ws@8.17.1

Built & tested with success
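
A lockfile check that complements the `npm ls ws` output above, added here as an example (not code from the apiclarity project or the PR author): it walks the `packages` map of an npm lockfile and flags every installed copy of `ws` below the `>=8.17.1` requirement stated in the PR. The sample lockfile, the `example-dep` package and all function names are constructed for illustration.

```javascript
// Added example: audit every installed copy of "ws" in an npm lockfile
// (lockfileVersion 2/3 "packages" map) against the minimum from the PR.
const MIN_WS = "8.17.1"; // from the PR text: Need "ws": ">=8.17.1"

// Parse "major.minor.patch" into numbers. Prerelease/build suffixes are
// ignored, a simplification: "8.17.1-beta" is treated as 8.17.1.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

// Numeric (not lexical) comparison; unparseable versions fail closed.
function isAtLeast(version, minimum) {
  const a = parseVersion(version);
  const b = parseVersion(minimum);
  if (!a || !b) return false;
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] > b[i];
  }
  return true;
}

// Return {path, version, ok} for each lockfile entry whose package name is
// exactly `name`, including copies nested under other dependencies.
function auditPackage(lock, name, minimum) {
  const suffix = "node_modules/" + name;
  return Object.entries(lock.packages || {})
    .filter(([path]) => path === suffix || path.endsWith("/" + suffix))
    .map(([path, meta]) => ({ path, version: meta.version, ok: isAtLeast(meta.version, minimum) }));
}

// Paths of the copies that do not satisfy the minimum.
function failingCopies(lock) {
  return auditPackage(lock, "ws", MIN_WS).filter((e) => !e.ok).map((e) => e.path);
}

// Constructed sample lockfile (not the project's real package-lock.json).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "apiclarity", version: "0.1.0" },
    "node_modules/ws": { version: "8.17.1" },
    "node_modules/example-dep/node_modules/ws": { version: "7.5.9" }, // stale nested copy
    "node_modules/isomorphic-ws": { version: "5.0.0" }, // different package, must not match
  },
};

console.log(auditPackage(sampleLock, "ws", MIN_WS));
```

To run it against a real tree, pass the parsed contents of `package-lock.json` to `failingCopies` and fail the CI job when the returned list is non-empty.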