long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
user-system/docs/evidence/ops/2026-03-27/sca/npm-audit-full-20260327-181910.json

428 lines
10 KiB
JSON
Raw Permalink Blame History

{
"auditReportVersion": 2,
"vulnerabilities": {
"@eslint-community/eslint-utils": {
"name": "@eslint-community/eslint-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@eslint-community/eslint-utils"
],
"fixAvailable": true
},
"@eslint/config-array": {
"name": "@eslint/config-array",
"severity": "moderate",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@eslint/config-array"
],
"fixAvailable": true
},
"@eslint/eslintrc": {
"name": "@eslint/eslintrc",
"severity": "moderate",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@eslint/eslintrc"
],
"fixAvailable": true
},
"@typescript-eslint/eslint-plugin": {
"name": "@typescript-eslint/eslint-plugin",
"severity": "moderate",
"isDirect": false,
"via": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/eslint-plugin"
],
"fixAvailable": true
},
"@typescript-eslint/parser": {
"name": "@typescript-eslint/parser",
"severity": "moderate",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/parser"
],
"fixAvailable": true
},
"@typescript-eslint/type-utils": {
"name": "@typescript-eslint/type-utils",
"severity": "moderate",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"@typescript-eslint/utils",
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/type-utils"
],
"fixAvailable": true
},
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "moderate",
"isDirect": false,
"via": [
"minimatch",
"tinyglobby"
],
"effects": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"typescript-eslint"
],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": false
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "moderate",
"isDirect": false,
"via": [
"@eslint-community/eslint-utils",
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": true
},
"@vitejs/plugin-react": {
"name": "@vitejs/plugin-react",
"severity": "moderate",
"isDirect": true,
"via": [
"vite"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@vitejs/plugin-react"
],
"fixAvailable": false
},
"@vitest/coverage-v8": {
"name": "@vitest/coverage-v8",
"severity": "moderate",
"isDirect": true,
"via": [
"vitest"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@vitest/coverage-v8"
],
"fixAvailable": false
},
"@vitest/mocker": {
"name": "@vitest/mocker",
"severity": "moderate",
"isDirect": false,
"via": [
"vite"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/@vitest/mocker"
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1115432,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"url": "https://github.com/advisories/GHSA-f886-m6hf-6m8v",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"range": "<5.0.5"
}
],
"effects": [
"minimatch"
],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion",
"node_modules/brace-expansion"
],
"fixAvailable": false
},
"eslint": {
"name": "eslint",
"severity": "moderate",
"isDirect": true,
"via": [
"@eslint-community/eslint-utils",
"@eslint/config-array",
"@eslint/eslintrc",
"minimatch"
],
"effects": [
"@eslint-community/eslint-utils",
"@typescript-eslint/eslint-plugin",
"eslint-plugin-react-hooks",
"eslint-plugin-react-refresh"
],
"range": "",
"nodes": [
"node_modules/eslint"
],
"fixAvailable": false
},
"eslint-plugin-react-hooks": {
"name": "eslint-plugin-react-hooks",
"severity": "moderate",
"isDirect": true,
"via": [
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/eslint-plugin-react-hooks"
],
"fixAvailable": false
},
"eslint-plugin-react-refresh": {
"name": "eslint-plugin-react-refresh",
"severity": "moderate",
"isDirect": true,
"via": [
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/eslint-plugin-react-refresh"
],
"fixAvailable": false
},
"fdir": {
"name": "fdir",
"severity": "moderate",
"isDirect": false,
"via": [
"picomatch"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/fdir"
],
"fixAvailable": true
},
"minimatch": {
"name": "minimatch",
"severity": "moderate",
"isDirect": false,
"via": [
"brace-expansion"
],
"effects": [
"@eslint/config-array",
"@eslint/eslintrc",
"@typescript-eslint/typescript-estree",
"eslint"
],
"range": "",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
"node_modules/minimatch"
],
"fixAvailable": false
},
"picomatch": {
"name": "picomatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1115384,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch has a ReDoS vulnerability via extglob quantifiers",
"url": "https://github.com/advisories/GHSA-c2c7-rcm5-vvqj",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=4.0.0 <4.0.4"
},
{
"source": 1115396,
"name": "picomatch",
"dependency": "picomatch",
"title": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"url": "https://github.com/advisories/GHSA-3v7f-55p6-f55p",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"range": ">=4.0.0 <4.0.4"
}
],
"effects": [
"fdir",
"tinyglobby",
"vite",
"vitest"
],
"range": "",
"nodes": [
"node_modules/picomatch"
],
"fixAvailable": false
},
"tinyglobby": {
"name": "tinyglobby",
"severity": "moderate",
"isDirect": false,
"via": [
"fdir",
"picomatch"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/tinyglobby"
],
"fixAvailable": true
},
"typescript-eslint": {
"name": "typescript-eslint",
"severity": "moderate",
"isDirect": true,
"via": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"@typescript-eslint/typescript-estree",
"@typescript-eslint/utils",
"eslint"
],
"effects": [],
"range": "",
"nodes": [
"node_modules/typescript-eslint"
],
"fixAvailable": false
},
"vite": {
"name": "vite",
"severity": "moderate",
"isDirect": true,
"via": [
"picomatch",
"tinyglobby"
],
"effects": [
"@vitejs/plugin-react",
"@vitest/mocker"
],
"range": "",
"nodes": [
"node_modules/vite"
],
"fixAvailable": false
},
"vitest": {
"name": "vitest",
"severity": "moderate",
"isDirect": true,
"via": [
"@vitest/mocker",
"picomatch",
"tinyglobby",
"vite"
],
"effects": [
"@vitest/coverage-v8"
],
"range": "",
"nodes": [
"node_modules/vitest"
],
"fixAvailable": false
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 21,
"high": 1,
"critical": 0,
"total": 22
},
"dependencies": {
"prod": 83,
"dev": 297,
"optional": 34,
"peer": 8,
"peerOptional": 0,
"total": 379
}
}
}
Reference in New Issue View Git Blame Copy Permalink