Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-01-24 11:16:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

🔒 fix: Address on-headers CVE-2025-7339 (#8553)

Browse source 
* 📦 chore: bump `compression` from 1.7.4 to 1.8.1

* chore: bump `express-session` to v1.18.2

* chore: update `connect-redis` from v7.1.0 to v8.1.0

* chore: update import for `connect-redis` to use named export due to v8.0.0 breaking change
This commit is contained in:
Danny Avila 2025-07-19 13:36:59 -04:00 committed by GitHub
parent d0c958ba33
commit f70e0cf849
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 111 additions and 108 deletions
Download patch file Download diff file Expand all files Collapse all files

6
api/package.json
View file

@ -56,8 +56,8 @@
"@waylaidwanderer/fetch-event-source": "^3.0.1",
"axios": "^1.8.2",
"bcryptjs": "^2.4.3",
"compression": "^1.7.4",
"connect-redis": "^7.1.0",
"compression": "^1.8.1",
"connect-redis": "^8.1.0",
"cookie": "^0.7.2",
"cookie-parser": "^1.4.7",
"cors": "^2.8.5",
@ -67,7 +67,7 @@
"express": "^4.21.2",
"express-mongo-sanitize": "^2.2.0",
"express-rate-limit": "^7.4.1",
"express-session": "^1.18.1",
"express-session": "^1.18.2",
"express-static-gzip": "^2.2.0",
"file-type": "^18.7.0",
"firebase": "^11.0.2",