Skip to content

fix: remove mock-local-storage to address CVE-2025-57352 #1496

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 17, 2025
Merged

fix: remove mock-local-storage to address CVE-2025-57352 #1496

merged 1 commit into from
Oct 17, 2025

Conversation

@Antonio-Maranhao
Copy link
Contributor

@Antonio-Maranhao Antonio-Maranhao commented Oct 17, 2025

Overview

CVE is on min-document which is pulled by mock-local-storage. Both packages are not actively maintained so instead of relying on a fix, it was easier to replace it with a simple mock of our own and have one less dependency.

Testing recommendations

CI passes

GitHub issue number

n/a

Related Pull Requests

n/a

Checklist

  • Code is written and works correctly;
  • Changes are covered by tests;
  • Documentation reflects the changes;
  • Update rebar.config.script with the correct tag once a new Fauxton release is made

@Antonio-Maranhao Antonio-Maranhao merged commit 291fa94 into apache:main Oct 17, 2025
3 checks passed
@Antonio-Maranhao Antonio-Maranhao deleted the fix-cve-min-document branch October 17, 2025 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@willholley willholley willholley approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Antonio-Maranhao @willholley