Patch out vulnerable vm2 with an override

fixes critical issues in vm2, see https://github.com/patriksimek/vm2/security by using degenerator 5+, which does not require vm2. Change-Id: I1d40b191a8f7237d52165f4be77f2879d1910163
SciCatProject · Nov 22, 2023 · 41195c4 · 41195c4
1 parent e161e0d
commit 41195c4
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 163 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -70,6 +70,11 @@
     "swagger-ui-express": "^5.0.0",
     "uuid": "^9.0.0"
   },
+  "overrides": {
+   "pac-resolver": {
+      "degenerator": "~5"
+   }	   
+  },
   "devDependencies": {
     "@faker-js/faker": "^8.0.1",
     "@nestjs/cli": "^10.0.5",