[PR #478] [MERGED] fix(deps): patch 6 security alerts across 4 packages (1 critical, 5 medium) #500

Closed
opened 2026-06-05 17:23:28 -04:00 by yindo · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/langchain-ai/deepagentsjs/pull/478
Author: @jkennedyvz
Created: 4/21/2026
Status: Merged
Merged: 4/21/2026
Merged by: @hntrl

Base: mainHead: fix/security-alerts-2026-04-21


📝 Commits (1)

  • 0156c98 fix(deps): patch 6 security alerts across 4 packages

📊 Changes

4 files changed (+37 additions, -57 deletions)

View changed files

📝 internal/eval-harness/package.json (+1 -1)
📝 libs/deepagents/package.json (+1 -1)
📝 package.json (+4 -1)
📝 pnpm-lock.yaml (+31 -54)

📄 Description

Security Alert Patch

Resolves 6 open Dependabot security alerts (1 critical, 5 medium).

Packages Updated

Package Old → New Strategy Scope CVEs Resolved
protobufjs 7.5.4 → 7.5.5 C (pnpm override) — parent ranges already accept 7.5.5 transitive (via modal, @grpc/proto-loader, @opentelemetry/otlp-transformer) CVE-2026-41242 (critical)
axios 1.13.6 → 1.15.1 C (pnpm override) — @daytonaio/sdk ^1.13.5 already accepts 1.15.x transitive (via @daytonaio/sdk, @daytonaio/api-client, @daytonaio/toolbox-api-client) CVE-2025-62718, CVE-2026-40175
follow-redirects 1.15.11 → 1.16.0 C (pnpm override) — axios ^1.15.11 already accepts 1.16.0 transitive (via axios) GHSA-r4q5-vmmm-2653
langsmith floor raised to 0.5.19 A (direct bump) — libs/deepagents peerDep, internal/eval-harness dep direct, published CVE-2026-40190, GHSA-rr7j-v2q5-chgv

Why pnpm.overrides for transitives

The three transitive bumps (protobufjs, axios, follow-redirects) use pnpm.overrides because the parent packages' version ranges already allow the patched versions — this is a lockfile refresh, not a published-constraint change. End users installing @langchain/daytona or @langchain/modal resolve their own lockfile and naturally get the patched transitive versions; the overrides here just bring our lockfile up to date.

For langsmith, the vulnerable 0.5.15 was pinned in libs/deepagents/peerDependencies with floor >=0.5.15. Raising to >=0.5.19 closes the window for downstream consumers with stale lockfiles.

CVE Details

ID Package Severity Summary
CVE-2026-41242 / GHSA-xq3m-2v4x-88gg protobufjs critical Arbitrary code execution in protobufjs
CVE-2025-62718 / GHSA-3p68-rc4w-qgx5 axios medium NO_PROXY hostname normalization bypass leading to SSRF
CVE-2026-40175 / GHSA-fvcv-3m26-pcqx axios medium Unrestricted cloud metadata exfiltration via header injection chain
GHSA-r4q5-vmmm-2653 follow-redirects medium Leaks custom authentication headers to cross-domain redirect targets
CVE-2026-40190 / GHSA-fw9q-39r9-c252 langsmith medium Prototype pollution via incomplete __proto__ guard in internal lodash set()
GHSA-rr7j-v2q5-chgv langsmith medium Streaming token events bypass output redaction

Linear Tickets

No matching Linear tickets found (CLI unauthenticated in this environment).

Verification

  • pnpm install --lockfile-only clean — new lockfile contains axios@1.15.1, protobufjs@7.5.5, follow-redirects@1.16.0, langsmith@0.5.20 & 0.5.21 (vulnerable 0.5.15 fully removed)
  • pnpm format:check passes (313 files)
  • pnpm lint (oxlint) passes (0 warnings, 0 errors)
  • pnpm test:unit — 829/830 unit tests pass; the 1 failure and 6 unhandled errors are pre-existing on main (tied to recent ls_agent_type feature #470 and broken @langchain/sandbox-standard-tests module resolution), unrelated to this patch
  • pnpm typecheck failure in libs/standard-tests is pre-existing on main, unrelated to this patch
  • No major-version bumps; minimum-safe versions used throughout

🤖 Submitted by langster-patch


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/langchain-ai/deepagentsjs/pull/478 **Author:** [@jkennedyvz](https://github.com/jkennedyvz) **Created:** 4/21/2026 **Status:** ✅ Merged **Merged:** 4/21/2026 **Merged by:** [@hntrl](https://github.com/hntrl) **Base:** `main` ← **Head:** `fix/security-alerts-2026-04-21` --- ### 📝 Commits (1) - [`0156c98`](https://github.com/langchain-ai/deepagentsjs/commit/0156c985518f112855b58a404ae09a2cf7699d5b) fix(deps): patch 6 security alerts across 4 packages ### 📊 Changes **4 files changed** (+37 additions, -57 deletions) <details> <summary>View changed files</summary> 📝 `internal/eval-harness/package.json` (+1 -1) 📝 `libs/deepagents/package.json` (+1 -1) 📝 `package.json` (+4 -1) 📝 `pnpm-lock.yaml` (+31 -54) </details> ### 📄 Description ## Security Alert Patch Resolves 6 open Dependabot security alerts (**1 critical, 5 medium**). ### Packages Updated | Package | Old → New | Strategy | Scope | CVEs Resolved | |---------|-----------|----------|-------|---------------| | `protobufjs` | 7.5.4 → 7.5.5 | C (pnpm override) — parent ranges already accept 7.5.5 | transitive (via modal, @grpc/proto-loader, @opentelemetry/otlp-transformer) | **CVE-2026-41242** (critical) | | `axios` | 1.13.6 → 1.15.1 | C (pnpm override) — @daytonaio/sdk `^1.13.5` already accepts 1.15.x | transitive (via @daytonaio/sdk, @daytonaio/api-client, @daytonaio/toolbox-api-client) | CVE-2025-62718, CVE-2026-40175 | | `follow-redirects` | 1.15.11 → 1.16.0 | C (pnpm override) — axios `^1.15.11` already accepts 1.16.0 | transitive (via axios) | GHSA-r4q5-vmmm-2653 | | `langsmith` | floor raised to 0.5.19 | A (direct bump) — `libs/deepagents` peerDep, `internal/eval-harness` dep | direct, published | CVE-2026-40190, GHSA-rr7j-v2q5-chgv | ### Why pnpm.overrides for transitives The three transitive bumps (protobufjs, axios, follow-redirects) use pnpm.overrides because the parent packages' version ranges **already allow the patched versions** — this is a lockfile refresh, not a published-constraint change. End users installing `@langchain/daytona` or `@langchain/modal` resolve their own lockfile and naturally get the patched transitive versions; the overrides here just bring our lockfile up to date. For `langsmith`, the vulnerable 0.5.15 was pinned in `libs/deepagents/peerDependencies` with floor `>=0.5.15`. Raising to `>=0.5.19` closes the window for downstream consumers with stale lockfiles. ### CVE Details | ID | Package | Severity | Summary | |----|---------|----------|---------| | CVE-2026-41242 / GHSA-xq3m-2v4x-88gg | protobufjs | critical | Arbitrary code execution in protobufjs | | CVE-2025-62718 / GHSA-3p68-rc4w-qgx5 | axios | medium | NO_PROXY hostname normalization bypass leading to SSRF | | CVE-2026-40175 / GHSA-fvcv-3m26-pcqx | axios | medium | Unrestricted cloud metadata exfiltration via header injection chain | | GHSA-r4q5-vmmm-2653 | follow-redirects | medium | Leaks custom authentication headers to cross-domain redirect targets | | CVE-2026-40190 / GHSA-fw9q-39r9-c252 | langsmith | medium | Prototype pollution via incomplete `__proto__` guard in internal lodash `set()` | | GHSA-rr7j-v2q5-chgv | langsmith | medium | Streaming token events bypass output redaction | ### Linear Tickets No matching Linear tickets found (CLI unauthenticated in this environment). ### Verification - [x] `pnpm install --lockfile-only` clean — new lockfile contains axios@1.15.1, protobufjs@7.5.5, follow-redirects@1.16.0, langsmith@0.5.20 & 0.5.21 (vulnerable 0.5.15 fully removed) - [x] `pnpm format:check` passes (313 files) - [x] `pnpm lint` (oxlint) passes (0 warnings, 0 errors) - [x] `pnpm test:unit` — 829/830 unit tests pass; the 1 failure and 6 unhandled errors are **pre-existing** on `main` (tied to recent `ls_agent_type` feature #470 and broken `@langchain/sandbox-standard-tests` module resolution), unrelated to this patch - [x] `pnpm typecheck` failure in `libs/standard-tests` is pre-existing on `main`, unrelated to this patch - [x] No major-version bumps; minimum-safe versions used throughout 🤖 Submitted by langster-patch --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
yindo added the pull-request label 2026-06-05 17:23:28 -04:00
yindo closed this issue 2026-06-05 17:23:28 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: langchain-ai/deepagentsjs#500