open-next icon indicating copy to clipboard operation
open-next copied to clipboard
verified publisher icon sst

Update vulnerable esbuild dependency

Open nhardy opened this issue 10 months ago • 2 comments

Updates esbuild to resolve https://github.com/advisories/GHSA-67mh-4wv8-2f99

nhardy avatar Feb 18 '25 23:02 nhardy

⚠️ No Changeset found

Latest commit: fb3e2239c8272f31e61d3b8435d287a882345ec0

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

changeset-bot[bot] avatar Feb 18 '25 23:02 changeset-bot[bot]

Open in Stackblitz

pnpm add https://pkg.pr.new/@opennextjs/aws@746

commit: fb3e223

pkg-pr-new[bot] avatar Feb 18 '25 23:02 pkg-pr-new[bot]

@nhardy are you using windows 8 or < macOS catalina? There are other people who are blocked b/c of the outdated esbuild.

Due to the breaking changes, this one might be tricky to merge in - eg it'll unblock others but also brick users on incompatible environments.

cc @vicb @conico974

khuezy avatar May 01 '25 16:05 khuezy

Closed in favor of #869 Sorry for the delay it took

conico974 avatar May 19 '25 13:05 conico974