
🔴 Fix HIGH Severity CVE-2023-4863

Open ColeMurray opened this issue 6 months ago • 2 comments

🔒 Security Patch for CVE-2023-4863

This PR was automatically generated by Waclaude Security Scanner to fix a HIGH severity vulnerability.

Vulnerability Details

  • Type: CVE-2023-4863
  • File: bun.lock
  • Line(s): None
  • Scanner: npm_audit
  • CWE: CWE-20 (Improper Input Validation)
  • Confidence: high

Fix Description

  • Version 0.32.6 is the first version after the vulnerability ([GHSA-54xq-cgqr-rpm3](https://github.com/lovell/sharp/security/advisories/GHSA-54xq-cgqr-rpm3)).
  • Intentionally pinned to version 0.32.6 without caret (^) to maintain exact control and prevent unintended upgrades.
  • Directly addresses the high-severity vulnerability.
  • Minimal precise version bump ensures security fix with the lowest risk of breaking changes.

Verification Results

  • Syntax: PASSED
  • ⚠️ Tests: SKIPPED
  • Security: PASSED

Vulnerability Description

  • Advisory: [GHSA-54xq-cgqr-rpm3](https://github.com/lovell/sharp/security/advisories/GHSA-54xq-cgqr-rpm3)
  • Package: sharp
  • Severity: high
  • Direct dependency: Yes
  • Vulnerable versions: >= 0, < 0.32.6
  • Fix available: Yes (0.32.6)

Affected: Anyone processing untrusted input with sharp versions before 0.32.6.

Important Note

This patch was generated by AI and requires human review before merging. Please verify:

  • The fix correctly addresses the vulnerability
  • No functionality is broken
  • Code style matches project conventions
  • No new vulnerabilities are introduced

ColeMurray, Jun 26 '25 19:06
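The check a reviewer would want to run before merging a bump like this, as an added example (it is not the scanner's output and not code from opencode or sharp): a dependency-free script that tests both the package.json range and the lockfile's resolved version against the advisory's fixed version. The lockfile is abstracted to a plain name-to-version map, because bun.lock parsing is not shown on this page; the manifests below are constructed samples, not the real opencode files.

```javascript
// Added example, not code from opencode or from the Waclaude scanner:
// check a package.json range and a lockfile's resolved version against an
// advisory's "fixed in" version. Instance here: sharp, GHSA-54xq-cgqr-rpm3,
// vulnerable >= 0 < 0.32.6, fixed in 0.32.6 (as stated in the PR above).

// Parse "MAJOR.MINOR.PATCH[-pre][+build]" into [major, minor, patch, rel]
// where rel is 0 for a prerelease and 1 for a release, so that
// 0.32.6-rc.0 sorts below 0.32.6 as semver requires. Build metadata is ignored.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/.exec(v.trim());
  if (!m) throw new Error(`not a semver version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3]), m[4] ? 0 : 1];
}

// Lexicographic compare of two parsed versions: -1, 0 or 1.
function compare(a, b) {
  for (let i = 0; i < 4; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Lowest version a package.json range can resolve to. Covers exact pins,
// "^", "~", ">=", partial versions and x-ranges; anything else (||, hyphen
// ranges, git URLs) is rejected rather than guessed at.
function rangeLowerBound(spec) {
  const s = spec.trim();
  if (s === "" || s === "*" || s === "latest") return [0, 0, 0, 0];
  let m = /^(?:[\^~]|>=)?\s*(v?\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?)$/.exec(s);
  if (m) return parseVersion(m[1]);
  m = /^(\d+)(?:\.(\d+|[xX*]))?(?:\.[xX*])?$/.exec(s);
  if (m) return [Number(m[1]), /^\d+$/.test(m[2] ?? "") ? Number(m[2]) : 0, 0, 1];
  throw new Error(`unsupported range: ${spec}`);
}

// Audit one direct dependency. Returns a list of findings (empty = clean).
// Both the range and the locked version are checked: a fixed lockfile behind a
// loose range regresses the moment someone installs without the lockfile, and
// a tightened range with a stale lockfile still ships the old binary.
function auditDependency(name, fixedVersion, pkgJson, lockedVersions) {
  const fixed = parseVersion(fixedVersion);
  const findings = [];
  const spec = pkgJson.dependencies?.[name] ?? pkgJson.devDependencies?.[name];
  if (spec !== undefined && compare(rangeLowerBound(spec), fixed) < 0) {
    findings.push(`package.json range "${spec}" for ${name} still admits versions below ${fixedVersion}`);
  }
  const locked = lockedVersions[name];
  if (locked === undefined) {
    findings.push(`${name} is not resolved in the lockfile`);
  } else if (compare(parseVersion(locked), fixed) < 0) {
    findings.push(`lockfile resolves ${name}@${locked}, which is below ${fixedVersion}`);
  }
  return findings;
}

// Constructed samples (not the real opencode manifest). lockedVersions is a
// plain name -> version map, standing in for whatever your lockfile parser
// extracts from bun.lock or package-lock.json.
const SAMPLES = {
  before:   { pkg: { dependencies: { sharp: "^0.32.5" } }, lock: { sharp: "0.32.5" } },
  lockOnly: { pkg: { dependencies: { sharp: "^0.32.5" } }, lock: { sharp: "0.32.6" } },
  pinned:   { pkg: { dependencies: { sharp: "0.32.6" } },  lock: { sharp: "0.32.6" } },
};

for (const [label, { pkg, lock }] of Object.entries(SAMPLES)) {
  const findings = auditDependency("sharp", "0.32.6", pkg, lock);
  console.log(`${label}: ${findings.length === 0 ? "clean" : findings.join("; ")}`);
}
```

Run it with node. The three constructed cases are the point: `before` fails on both range and lockfile, `lockOnly` passes the lockfile but still admits 0.32.5 through its caret range, and only the exact pin the PR proposes is clean on both. Version numbers are a proxy for the real question, which is the libwebp build sharp bundles; at runtime sharp's documented `versions` object lists the versions of libvips and its dependencies, including libwebp, and is the value to compare against the advisory if you want a check that does not trust the package version alone.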

@0ximjosh can you clarify the thumbs down?

ColeMurray, Jun 27 '25 18:06

I quite literally did not give you a thumbs down, but I'll add one for the unsolicited @ and spamming a repo with AI-generated CVEs.

0ximjosh, Jun 27 '25 19:06