Skip to content

[Maintenance] - Patch vulnerabilities from npm 05142026#350

Merged
leekahung merged 1 commit into
mainfrom
patch-npm-packages-05142026
May 15, 2026
Merged

[Maintenance] - Patch vulnerabilities from npm 05142026#350
leekahung merged 1 commit into
mainfrom
patch-npm-packages-05142026

Conversation

@leekahung
Copy link
Copy Markdown
Contributor

@leekahung leekahung commented May 15, 2026
edited
Loading

What type of PR is this? (check all applicable)

  • Refactor
  • Feature
  • Bug Fix
  • Optimization
  • Documentation Update
  • Infrastructure
  • Maintenance

Description

NPM audit update for frontend packages.

# npm audit report

langsmith  <0.6.0
Severity: high
LangSmith SDK: Public prompt pull deserializes untrusted manifests without trust boundary warning - https://github.com/advisories/GHSA-3644-q5cj-c5c7

Related Tickets & Documents

  • Related Issue #
  • Closes #

QA Instructions, Screenshots, Recordings

Please replace this line with instructions on how to test your changes, a note on the devices and browsers this has been tested on, as well as any relevant images for UI changes.

Added/updated tests?

  • Yes
  • No, and this is why: please replace this line with details on why tests have not been included
  • I need help with writing tests

Documentation

  • If this PR changes the system architecture, Architecture.md has been updated

[optional] Are there any post deployment tasks we need to perform?

@leekahung leekahung added the infrastructure Pull requests related to infrastructure and underlying workflows label May 15, 2026
@leekahung leekahung merged commit b3c1d40 into main May 15, 2026
7 checks passed
@leekahung
Copy link
Copy Markdown
Contributor Author

leekahung commented May 15, 2026

Merging security patch

@leekahung leekahung deleted the patch-npm-packages-05142026 branch May 18, 2026 00:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

infrastructure Pull requests related to infrastructure and underlying workflows

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@leekahung