GHSA-fr4h-3cph-29xv - pnpm protocol specifier bypass

pnpm before 10.34.4 and 11.0.0 through 11.7.x can let crafted protocol-style dependency specifiers short-circuit expected validation. In untrusted install scenarios that weakens supply-chain guarantees and can allow unexpected dependency materialization paths.

Affected versions

  • Vulnerable: pnpm <=10.34.3
  • Vulnerable: pnpm >=11.0.0, <11.8.0
  • Fixed: 10.34.4+ or 11.8.0+

Indicator-of-exposure

  • Vulnerable pnpm is pinned in CI, developer bootstrap, or images.
  • The repository consumes untrusted lockfiles or dependency manifests.
  • Install paths rely on pnpm validation as a trust boundary.

Remediation strategy

  • Upgrade pnpm everywhere it is pinned or bootstrapped.
  • Treat malformed protocol specifiers as a hard failure in repository-owned validation tooling.
  • Keep untrusted dependency resolution away from privileged pipelines.

The prompt

Model context: this prompt was generated by GPT 5.5 Extra High reasoning.

Remediate GHSA-fr4h-3cph-29xv in pnpm. Produce either:
- a reviewer-ready PR that upgrades controlled pnpm runtimes to 10.34.4+ or
  11.8.0+, verifies dependency validation paths, and documents containment, or
- TRIAGE.md if this repository does not control the affected pnpm runtime.

Rules:
- Scope only pnpm pins, dependency validation helpers, CI install jobs, and
  related images or docs.
- Do not validate by pulling attacker-controlled packages.

Steps:
1. Inventory all pnpm pins and bootstrap paths.
2. Upgrade every controlled vulnerable pin.
3. Add or confirm fail-closed handling for malformed protocol-style dependency specifiers.
4. Run trusted install, test, and scan workflows.
5. Use PR title `fix(sec): remediate pnpm protocol specifier bypass`.

Verification

  • No controlled pnpm runtime remains in the vulnerable range.
  • Malformed dependency identities fail closed in repository-controlled checks.

References