From 6409eb62a8ad59421362a116fe5305943d63d98e Mon Sep 17 00:00:00 2001
From: Michael Beckemeyer <m.beckemeyer@conterra.de>
Date: Tue, 18 Jun 2024 08:04:08 +0200
Subject: [PATCH] fix vulnerability in dev dependency

---
 package.json   | 4 +++-
 pnpm-lock.yaml | 9 +++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 1c9e7c8..ee1ce77 100644
--- a/package.json
+++ b/package.json
@@ -30,6 +30,7 @@
             "tough-cookie: https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
             "@mapbox/mapbox-gl-style-spec: license issues, see https://github.com/openlayers/ol-mapbox-style/pull/940",
             "braces: https://github.com/advisories/GHSA-grv7-fg5c-xmjg",
+            "ws: https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
             "",
             "ignored cves",
             "============",
@@ -44,7 +45,8 @@
             "tough-cookie@<4.1.3": ">=4.1.3",
             "@mapbox/mapbox-gl-style-spec": "npm:@maplibre/maplibre-gl-style-spec@^20.1.1",
             "chakra-react-select>react-select": "^5.8.0",
-            "braces@<3.0.3": ">=3.0.3"
+            "braces@<3.0.3": ">=3.0.3",
+            "ws@>=8.0.0 <8.17.1": ">=8.17.1"
         },
         "auditConfig": {
             "ignoreCves": []
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index ee0fe63..dbff06e 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -10,6 +10,7 @@ overrides:
   '@mapbox/mapbox-gl-style-spec': npm:@maplibre/maplibre-gl-style-spec@^20.1.1
   chakra-react-select>react-select: ^5.8.0
   braces@<3.0.3: '>=3.0.3'
+  ws@>=8.0.0 <8.17.1: '>=8.17.1'
 
 patchedDependencies:
   '@chakra-ui/hooks@2.2.1':
@@ -4023,8 +4024,8 @@ packages:
   wrappy@1.0.2:
     resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==}
 
-  ws@8.13.0:
-    resolution: {integrity: sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==}
+  ws@8.17.1:
+    resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==}
     engines: {node: '>=10.0.0'}
     peerDependencies:
       bufferutil: ^4.0.1
@@ -7068,7 +7069,7 @@ snapshots:
       whatwg-encoding: 2.0.0
       whatwg-mimetype: 3.0.0
       whatwg-url: 12.0.1
-      ws: 8.13.0
+      ws: 8.17.1
       xml-name-validator: 4.0.0
     transitivePeerDependencies:
       - bufferutil
@@ -8240,7 +8241,7 @@ snapshots:
 
   wrappy@1.0.2: {}
 
-  ws@8.13.0: {}
+  ws@8.17.1: {}
 
   xml-name-validator@4.0.0: {}