From 031d70e36020f37fb889ba6166def2686fbeebfd Mon Sep 17 00:00:00 2001
From: Yashvanth B L <yashvanthbl137@bitgo.com>
Date: Mon, 11 May 2026 14:56:08 +0530
Subject: [PATCH] fix: upgrade fast-uri to 3.1.2 to address CVE-2026-6321 and
 CVE-2026-6322

Ticket: CGD-1102
---
 package.json |  3 ++-
 yarn.lock    | 10 +++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/package.json b/package.json
index d12c0c584d..f7eff1245d 100644
--- a/package.json
+++ b/package.json
@@ -125,7 +125,8 @@
     "basic-ftp": "5.3.1",
     "flatted": "3.4.2",
     "sjcl": "npm:@bitgo/sjcl@1.0.1",
-    "picomatch": ">=2.3.2"
+    "picomatch": ">=2.3.2",
+    "fast-uri": "3.1.2"
   },
   "workspaces": [
     "modules/*"
diff --git a/yarn.lock b/yarn.lock
index 3004a71efe..4f74ac1a76 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -11604,10 +11604,10 @@ fast-text-encoding@^1.0.6:
   resolved "https://registry.npmjs.org/fast-text-encoding/-/fast-text-encoding-1.0.6.tgz"
   integrity sha512-VhXlQgj9ioXCqGstD37E/HBeqEGV/qOD/kmbVG8h5xKBYvM1L3lR1Zn4555cQ8GkYbJa8aJSipLPndE1k6zK2w==
 
-fast-uri@^3.0.1:
-  version "3.1.0"
-  resolved "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz"
-  integrity sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==
+fast-uri@3.1.2, fast-uri@^3.0.1:
+  version "3.1.2"
+  resolved "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz#8af3d4fc9d3e71b11572cc2673b514a7d1a8c8ec"
+  integrity sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==
 
 fastest-levenshtein@^1.0.12:
   version "1.0.16"
@@ -18953,7 +18953,7 @@ sisteransi@^1.0.5:
   resolved "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz"
   integrity sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==
 
-sjcl@^1.0.6, "sjcl@npm:@bitgo/sjcl@1.0.1":
+sjcl@1.0.1, sjcl@^1.0.6, "sjcl@npm:@bitgo/sjcl@1.0.1":
   version "1.0.1"
   resolved "https://registry.npmjs.org/@bitgo/sjcl/-/sjcl-1.0.1.tgz#633fa84608c1cb7461b17ceb6131d96722921fd3"
   integrity sha512-dBICMzShC8gXdpSj9cvl4wl9Jkt4h14wt4XQ+/6V6qcC2IObyKRJfaG5TYUU6RvVknhPBPyBx9v84vNKODM5fQ==