Commit f2b703d
authored
π FIX: CVE-2026-0969 β Upgrade next-mdx-remote to v6.0.0 (#169)
Upgrade next-mdx-remote from v5 to v6 to fix arbitrary code execution
vulnerability (CVE-2026-0969) in the serialize function. The v6 release
adds blockDangerousJS (enabled by default) to prevent dangerous JS
operations like eval, Function, process, and require.
Set blockJS: false in serialize options to preserve MDX annotation
expressions used in docs content.1 parent 23e501a commit f2b703d
File tree
4 files changed
+29
-15
lines changed- apps/baseai.dev
- src
- lib
- scripts
4 files changed
+29
-15
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
47 | 47 | | |
48 | 48 | | |
49 | 49 | | |
50 | | - | |
| 50 | + | |
51 | 51 | | |
52 | 52 | | |
53 | 53 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
46 | 46 | | |
47 | 47 | | |
48 | 48 | | |
49 | | - | |
| 49 | + | |
| 50 | + | |
50 | 51 | | |
51 | 52 | | |
52 | 53 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
36 | 36 | | |
37 | 37 | | |
38 | 38 | | |
39 | | - | |
| 39 | + | |
| 40 | + | |
40 | 41 | | |
41 | 42 | | |
42 | 43 | | |
| |||
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments