fix(deps): update dependency title to v4 (#3719)

renovate[bot] · dimaMachina · web-flow · commit a4b0bbbe1725 · 2024-11-20T07:48:05.000+07:00
* fix(deps): update dependency title to v4

* Create chatty-knives-hang.md

---------

Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
Co-authored-by: Dimitri POSTOLOV &lt;dmytropostolov@gmail.com&gt;
diff --git a/.changeset/chatty-knives-hang.md b/.changeset/chatty-knives-hang.md
@@ -0,0 +1,7 @@
+---
+"nextra": patch
+---
+
+fix(deps): update dependency title to v4
+
+> This fix ReDoS vulnerability exposed via title → clipboardy → execa → cross-spawn dependency chain
diff --git a/packages/nextra/package.json b/packages/nextra/package.json
@@ -160,7 +160,7 @@
     "remark-smartypants": "^3.0.0",
     "shiki": "^1.0.0",
     "slash": "^5.1.0",
-    "title": "^3.5.3",
+    "title": "^4.0.0",
     "unist-util-remove": "^4.0.0",
     "unist-util-visit": "^5.0.0",
     "yaml": "^2.3.2",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
