From e95e9f9fda2b52599b3fb7e5efbf480d67667d33 Mon Sep 17 00:00:00 2001
From: Matti Nannt
Date: Wed, 7 May 2025 00:17:54 +0200
Subject: [PATCH] fix: security issue because of outdated pnpm version (#5683)
---
 .github/actions/cache-build-web/action.yml | 2 +-
 .github/workflows/lint.yml | 2 +-
 .github/workflows/sonarqube.yml | 2 +-
 apps/web/Dockerfile | 3 +--
 apps/web/package.json | 2 +-
 package.json | 2 +-
 packages/database/package.json | 2 +-
 7 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/.github/actions/cache-build-web/action.yml b/.github/actions/cache-build-web/action.yml
index f6e72d7f68..8c91d80d15 100644
--- a/.github/actions/cache-build-web/action.yml
+++ b/.github/actions/cache-build-web/action.yml
@@ -49,7 +49,7 @@ runs:
 if: steps.cache-build.outputs.cache-hit != 'true'
 - name: Install pnpm
- uses: pnpm/action-setup@v4
+ uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
 if: steps.cache-build.outputs.cache-hit != 'true'
 - name: Install dependencies
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 2e2e4ed987..f751ac4155 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -26,7 +26,7 @@ jobs:
 node-version: 20.x
 - name: Install pnpm
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2
+ uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
 - name: Install dependencies
 run: pnpm install --config.platform=linux --config.architecture=x64
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
index 35d02d8140..1e62124fd7 100644
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@@ -29,7 +29,7 @@ jobs:
 node-version: 22.x
 - name: Install pnpm
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2
+ uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
 - name: Install dependencies
 run: pnpm install --config.platform=linux --config.architecture=x64
diff --git a/apps/web/Dockerfile b/apps/web/Dockerfile
index 7506e4fc19..82f7b4fb07 100644
--- a/apps/web/Dockerfile
+++ b/apps/web/Dockerfile
@@ -20,7 +20,7 @@ FROM base AS installer
 # Enable corepack and prepare pnpm
 RUN npm install --ignore-scripts -g corepack@latest
 RUN corepack enable
-RUN corepack prepare pnpm@9.15.0 --activate
+RUN corepack prepare pnpm@9.15.9 --activate
 # Install necessary build tools and compilers
 RUN apk update && apk add --no-cache cmake g++ gcc jq make openssl-dev python3
@@ -78,7 +78,6 @@ FROM base AS runner
 RUN npm install --ignore-scripts -g corepack@latest
 RUN corepack enable
-RUN corepack prepare pnpm@9.15.0 --activate
 RUN apk add --no-cache curl \
 && apk add --no-cache supercronic \
diff --git a/apps/web/package.json b/apps/web/package.json
index ce5f83dff5..6258280c3c 100644
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -1,7 +1,7 @@
 {
 "name": "@formbricks/web",
 "version": "0.0.0",
- "packageManager": "pnpm@9.15.0",
+ "packageManager": "pnpm@9.15.9",
 "private": true,
 "scripts": {
 "clean": "rimraf .turbo node_modules .next coverage",
diff --git a/package.json b/package.json
index d5972dac29..e5251b627e 100644
--- a/package.json
+++ b/package.json
@@ -60,7 +60,7 @@
 "engines": {
 "node": ">=16.0.0"
 },
- "packageManager": "pnpm@9.15.0",
+ "packageManager": "pnpm@9.15.9",
 "nextBundleAnalysis": {
 "budget": 358400,
 "budgetPercentIncreaseRed": 20,
diff --git a/packages/database/package.json b/packages/database/package.json
index cdac3a36b8..7cf37fff2b 100644
--- a/packages/database/package.json
+++ b/packages/database/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@formbricks/database",
- "packageManager": "pnpm@9.15.0",
+ "packageManager": "pnpm@9.15.9",
 "private": true,
 "version": "0.1.0",
 "main": "./src/index.ts",
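Review bot: In apps/web/Dockerfile both the installer and runner stages still run `npm install --ignore-scripts -g corepack@latest`, so the tool that downloads and activates the pinned pnpm 9.15.9 is itself pulled unpinned at build time; pinning it to an exact release, `RUN npm install --ignore-scripts -g corepack@<pinned-version>`, would make the image reproducible and put the package-manager bootstrap under the same review as the pnpm bump. The second hunk drops `corepack prepare` from the runner stage but keeps `corepack enable`; if anything in that stage invokes pnpm (not visible in the hunk), corepack would presumably fetch it on first use at container runtime rather than at build time, so either keep the prepare step there or remove corepack from the runner altogether. The pnpm version now has to be bumped in four places (this Dockerfile and three `packageManager` fields), so a short comment beside the `corepack prepare` line naming the other locations would help keep them in sync. Both stages continue outside the hunks.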