An underlying esbuild dependency allows unauthorized domains to read source maps due to permissive CORS headers. We need to add a pnpm.overrides entry in package.json for "esbuild": ">=0.25.0" to fix this security flaw.
I am contributing on behalf of GSSoc’26
An underlying
esbuilddependency allows unauthorized domains to read source maps due to permissive CORS headers. We need to add apnpm.overridesentry inpackage.jsonfor"esbuild": ">=0.25.0"to fix this security flaw.I am contributing on behalf of GSSoc’26