Merge pull request 'fix: update deps for high vulnerabilities (#54 )' (#57 ) from fix/simpl-liste-54-vulnerability-updates into master

fix: update drizzle-orm and @xmldom/xmldom to fix high vulnerabilities (#54 )
- drizzle-orm 0.45.1 → 0.45.2 (SQL injection via improperly escaped identifiers) - @xmldom/xmldom 0.8.11 → 0.8.12 (XML injection via unsafe CDATA serialization) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 19:23:37 +00:00 · 2026-04-08 15:22:42 -04:00
2 changed files with 10 additions and 10 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1,12 +1,12 @@
 {
  "name": "simpl-liste",
-  "version": "1.4.0",
+  "version": "1.5.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "simpl-liste",
-      "version": "1.4.0",
+      "version": "1.5.1",
      "dependencies": {
        "@expo-google-fonts/inter": "^0.4.2",
        "@expo/ngrok": "^4.1.3",
@ -16,7 +16,7 @@
        "@react-native-community/datetimepicker": "8.4.4",
        "@react-navigation/native": "^7.1.8",
        "date-fns": "^4.1.0",
-        "drizzle-orm": "^0.45.1",
+        "drizzle-orm": "^0.45.2",
        "expo": "~54.0.33",
        "expo-auth-session": "~7.0.10",
        "expo-calendar": "~15.0.8",
@ -3816,9 +3816,9 @@
      }
    },
    "node_modules/@xmldom/xmldom": {
-      "version": "0.8.11",
-      "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.11.tgz",
-      "integrity": "sha512-cQzWCtO6C8TQiYl1ruKNn2U6Ao4o4WBBcbL61yJl84x+j5sOWWFU9X7DpND8XZG3daDppSsigMdfAIl2upQBRw==",
+      "version": "0.8.12",
+      "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.12.tgz",
+      "integrity": "sha512-9k/gHF6n/pAi/9tqr3m3aqkuiNosYTurLLUtc7xQ9sxB/wm7WPygCv8GYa6mS0fLJEHhqMC1ATYhz++U/lRHqg==",
      "license": "MIT",
      "engines": {
        "node": ">=10.0.0"
@ -5375,9 +5375,9 @@
      }
    },
    "node_modules/drizzle-orm": {
-      "version": "0.45.1",
-      "resolved": "https://registry.npmjs.org/drizzle-orm/-/drizzle-orm-0.45.1.tgz",
-      "integrity": "sha512-Te0FOdKIistGNPMq2jscdqngBRfBpC8uMFVwqjf6gtTVJHIQ/dosgV/CLBU2N4ZJBsXL5savCba9b0YJskKdcA==",
+      "version": "0.45.2",
+      "resolved": "https://registry.npmjs.org/drizzle-orm/-/drizzle-orm-0.45.2.tgz",
+      "integrity": "sha512-kY0BSaTNYWnoDMVoyY8uxmyHjpJW1geOmBMdSSicKo9CIIWkSxMIj2rkeSR51b8KAPB7m+qysjuHme5nKP+E5Q==",
      "license": "Apache-2.0",
      "peerDependencies": {
        "@aws-sdk/client-rds-data": ">=3",
--- a/package.json
+++ b/package.json
@ -17,7 +17,7 @@
    "@react-native-community/datetimepicker": "8.4.4",
    "@react-navigation/native": "^7.1.8",
    "date-fns": "^4.1.0",
-    "drizzle-orm": "^0.45.1",
+    "drizzle-orm": "^0.45.2",
    "expo": "~54.0.33",
    "expo-auth-session": "~7.0.10",
    "expo-calendar": "~15.0.8",
Author	SHA1	Message	Date
maximus	818f66205b	Merge pull request 'fix: update deps for high vulnerabilities (#54 )' (#57 ) from fix/simpl-liste-54-vulnerability-updates into master	2026-04-08 19:23:37 +00:00
le king fu	5b16882a83	fix: update drizzle-orm and @xmldom/xmldom to fix high vulnerabilities (#54 ) - drizzle-orm 0.45.1 → 0.45.2 (SQL injection via improperly escaped identifiers) - @xmldom/xmldom 0.8.11 → 0.8.12 (XML injection via unsafe CDATA serialization) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-08 15:22:42 -04:00