pin tinycolor

2026-01-11 20:08:56 +00:00 · 2025-09-15 19:00:54 -04:00
parent d5da2e2db5
commit 8b684018ca
3 changed files with 9 additions and 8 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -13980,7 +13980,7 @@
      "version": "3.0.0-beta.5",
      "license": "MIT",
      "dependencies": {
-        "@ctrl/tinycolor": "^4.1.0",
+        "@ctrl/tinycolor": "4.1.0",
        "@floating-ui/dom": "^1.6.13",
        "@lit/react": "^1.0.8",
        "@shoelace-style/animations": "^1.2.0",
@@ -13988,8 +13988,7 @@
        "composed-offset-position": "^0.0.6",
        "lit": "^3.2.1",
        "nanoid": "^5.1.5",
-        "qr-creator": "^1.0.0",
-        "style-observer": "^0.0.7"
+        "qr-creator": "^1.0.0"
      },
      "devDependencies": {
        "@wc-toolkit/jsx-types": "^1.3.0"
@@ -14000,7 +13999,7 @@
    },
    "packages/webawesome-pro": {
      "name": "@shoelace-style/webawesome-pro",
-      "version": "3.0.0-beta.4",
+      "version": "3.0.0-beta.5",
      "dependencies": {
        "@ctrl/tinycolor": "^4.1.0",
        "@floating-ui/dom": "^1.6.13",
--- a/packages/webawesome/docs/docs/resources/changelog.md
+++ b/packages/webawesome/docs/docs/resources/changelog.md
@@ -10,7 +10,10 @@ Components with the <wa-badge variant="warning">Experimental</wa-badge> badge sh

 ## Next

+## 3.0.0-beta.6
+
 - Fixed a bug in `<wa-dropdown>` that closed the dropdown event when preventing `wa-select` [issue:1432]
+- Pin `@ctrl/tinycolor` to `4.1.0` due to malware in `4.1.1` and `4.1.2`. <https://socket.dev/npm/package/@ctrl/tinycolor/overview/4.1.1>

 ## 3.0.0-beta.5

@@ -448,4 +451,4 @@ Many of these changes and improvements were the direct result of feedback from u

 </details>

-Did we miss something? [Let us know!](https://github.com/shoelace-style/webawesome/discussions)
+Did we miss something? [Let us know!](https://github.com/shoelace-style/webawesome/discussions)
--- a/packages/webawesome/package.json
+++ b/packages/webawesome/package.json
@@ -73,7 +73,7 @@
    "node": ">=14.17.0"
  },
  "dependencies": {
-    "@ctrl/tinycolor": "^4.1.0",
+    "@ctrl/tinycolor": "4.1.0",
    "@floating-ui/dom": "^1.6.13",
    "@lit/react": "^1.0.8",
    "@shoelace-style/animations": "^1.2.0",
@@ -81,8 +81,7 @@
    "composed-offset-position": "^0.0.6",
    "lit": "^3.2.1",
    "nanoid": "^5.1.5",
-    "qr-creator": "^1.0.0",
-    "style-observer": "^0.0.7"
+    "qr-creator": "^1.0.0"
  },
  "lint-staged": {
    "*.{ts,js}": [