From 0531c36e0872bf8bc5f29bb10bb333316b6cbbf9 Mon Sep 17 00:00:00 2001
From: Stephane Bouchet <sbouchet@redhat.com>
Date: Wed, 4 Mar 2026 15:31:27 +0100
Subject: [PATCH] update Fix CVE-2025-69873 by updating ajv to patched versions

Signed-off-by: Stephane Bouchet <sbouchet@redhat.com>
---
 cloud-shell/package.json | 3 ++-
 cloud-shell/yarn.lock    | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/cloud-shell/package.json b/cloud-shell/package.json
index 23150483..323f3d5f 100644
--- a/cloud-shell/package.json
+++ b/cloud-shell/package.json
@@ -28,7 +28,8 @@
   "resolutions": {
     "cipher-base": "^1.0.6",
     "sha.js": "^2.4.12",
-    "tar": "7.5.7"
+    "tar": "7.5.7",
+    "ajv": "6.14.0"
   },
   "packageManager": "yarn@4.12.0"
 }
diff --git a/cloud-shell/yarn.lock b/cloud-shell/yarn.lock
index 0851987c..b3d3b317 100644
--- a/cloud-shell/yarn.lock
+++ b/cloud-shell/yarn.lock
@@ -297,15 +297,15 @@ __metadata:
   languageName: node
   linkType: hard
 
-"ajv@npm:^6.1.0, ajv@npm:^6.10.2":
-  version: 6.12.6
-  resolution: "ajv@npm:6.12.6"
+"ajv@npm:6.14.0":
+  version: 6.14.0
+  resolution: "ajv@npm:6.14.0"
   dependencies:
     fast-deep-equal: "npm:^3.1.1"
     fast-json-stable-stringify: "npm:^2.0.0"
     json-schema-traverse: "npm:^0.4.1"
     uri-js: "npm:^4.2.2"
-  checksum: 10c0/41e23642cbe545889245b9d2a45854ebba51cda6c778ebced9649420d9205f2efb39cb43dbc41e358409223b1ea43303ae4839db682c848b891e4811da1a5a71
+  checksum: 10c0/a2bc39b0555dc9802c899f86990eb8eed6e366cddbf65be43d5aa7e4f3c4e1a199d5460fd7ca4fb3d864000dbbc049253b72faa83b3b30e641ca52cb29a68c22
   languageName: node
   linkType: hard