docs(wip): Do not merge cross-links are broken by eyurtsev · Pull Request #4 · langchain-ai/docs

Eugene Yurtsev (eyurtsev) · 2025-05-22T20:02:11Z

No description provided.

## Summary - Add pnpm overrides to resolve the remaining 4 open Dependabot security alerts in `reference/pnpm-lock.yaml` - **path-to-regexp** `>=4.0.0 <6.3.0` → `6.3.0` — fixes high-severity ReDoS via backtracking regular expressions ([#1](https://github.com/langchain-ai/docs/security/dependabot/1)) - **undici** `>=4.5.0 <5.29.0` → `5.29.0` — fixes 3 alerts: insufficiently random values ([#2](https://github.com/langchain-ai/docs/security/dependabot/2)), unbounded decompression chain ([#9](https://github.com/langchain-ai/docs/security/dependabot/9)), and bad certificate DoS ([#4](https://github.com/langchain-ai/docs/security/dependabot/4)) ## Test plan - [x] Verified vulnerable versions (`path-to-regexp@6.1.0`, `undici@5.28.4`) are no longer in lockfile - [x] Verified patched versions (`path-to-regexp@6.3.0`, `undici@5.29.0`) are present - [x] `pnpm install` succeeds without errors 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

x

ccd0908

Eugene Yurtsev (eyurtsev) changed the title ~~docs(wip): Do not merge~~ docs(wip): Do not merge cross-links are broken May 22, 2025

Lauren Hirata Singh (lnhsingh) deleted the branch migrate-langgraph July 22, 2025 15:56

Lauren Hirata Singh (lnhsingh) closed this Jul 22, 2025

Eugene Yurtsev (eyurtsev) deleted the eugene/some_changes branch July 24, 2025 13:41

Provide feedback