From 778b69e9cb18b5b7cef38d63ee5b871ad86ac2be Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 21 Mar 2026 10:10:10 +0000
Subject: [PATCH] fix: webapp/package.json & webapp/package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MATTERMOSTREDUX-15702176
---
 webapp/package-lock.json | 77 +++++++++++++++++++++++++++++-----------
 webapp/package.json      |  2 +-
 2 files changed, 58 insertions(+), 21 deletions(-)

diff --git a/webapp/package-lock.json b/webapp/package-lock.json
index 84ce4b74a..5f0a330dc 100644
--- a/webapp/package-lock.json
+++ b/webapp/package-lock.json
@@ -1,5 +1,5 @@
 {
-  "name": "webapp",
+  "name": "relock-npm-lock-v2-fUOeDx",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
@@ -9,7 +9,7 @@
         "core-js": "3.39.0",
         "csstype": "3.0.3",
         "debounce-promise": "3.1.2",
-        "mattermost-redux": "10.9.0",
+        "mattermost-redux": "^11.4.0",
         "node-fetch": "2.6.7",
         "prop-types": "15.7.2",
         "react": "18.2.0",
@@ -4610,6 +4610,7 @@
       "version": "10.9.0",
       "resolved": "https://registry.npmjs.org/@mattermost/client/-/client-10.9.0.tgz",
       "integrity": "sha512-P5b6zF0YIY+DhG25U8Q4ctlRgLZHyWZodgBsVsVY9Riwl0gDA96XmREd55P180MddCzJhRGNQg4UmAjxcqewlQ==",
+      "dev": true,
       "license": "MIT",
       "peerDependencies": {
         "@mattermost/types": "10.9.0",
@@ -4625,6 +4626,7 @@
       "version": "10.9.0",
       "resolved": "https://registry.npmjs.org/@mattermost/types/-/types-10.9.0.tgz",
       "integrity": "sha512-2795KUkp2EkuJ9NVohPkJmrgKunt6OZiLyo8zUoIWPJjxQ0upjiWJz/KenABx38v8+QfpSEN8tZSBN3lsZCueg==",
+      "dev": true,
       "license": "MIT",
       "peerDependencies": {
         "typescript": "^4.3.0 || ^5.0.0"
@@ -13985,19 +13987,19 @@
       }
     },
     "node_modules/mattermost-redux": {
-      "version": "10.9.0",
-      "resolved": "https://registry.npmjs.org/mattermost-redux/-/mattermost-redux-10.9.0.tgz",
-      "integrity": "sha512-dbUV7QQheDMT5ONK9TbGzn4P8AXrHQzJ6Uk/v8zw1ZxMenze08lgwHDUycLyPLCFX4e6CyHXhJ6r+E6mgBL1nA==",
+      "version": "11.4.0",
+      "resolved": "https://registry.npmjs.org/mattermost-redux/-/mattermost-redux-11.4.0.tgz",
+      "integrity": "sha512-EPBuTS4rfL3ClPOItUTGJad9vRKL4GRZu3X7MC2ctJzGZzzvK7kg3fXjp/vV0w1IizNmoGhGURu6V/ZqHI/TWQ==",
       "license": "MIT",
       "dependencies": {
-        "@mattermost/client": "10.9.0",
-        "@mattermost/types": "10.9.0",
-        "@redux-devtools/extension": "^3.2.3",
+        "@mattermost/client": "11.4.0",
+        "@mattermost/types": "11.4.0",
+        "@redux-devtools/extension": "3.3.0",
         "lodash": "^4.17.21",
         "moment-timezone": "^0.5.38",
-        "redux": "^4.2.0",
-        "redux-batched-actions": "^0.5.0",
-        "redux-thunk": "^2.4.2",
+        "redux": "^5.0.0",
+        "redux-batched-actions": "0.5.0",
+        "redux-thunk": "^3.0.0",
         "serialize-error": "^11.0.3",
         "shallow-equals": "^1.0.0",
         "timezones.json": "^1.7.1"
@@ -14011,6 +14013,50 @@
         }
       }
     },
+    "node_modules/mattermost-redux/node_modules/@mattermost/client": {
+      "version": "11.4.0",
+      "resolved": "https://registry.npmjs.org/@mattermost/client/-/client-11.4.0.tgz",
+      "integrity": "sha512-QzYIpxFRPA+NDCCxk9bPwnFRpgZq8d1KKYXic8AJJiPXjja6IJDOkpDfGgo4b1q0AofUQ+u7Js3Fh2mxerwz5g==",
+      "license": "MIT",
+      "peerDependencies": {
+        "@mattermost/types": "11.4.0",
+        "typescript": "^4.3.0 || ^5.0.0"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/mattermost-redux/node_modules/@mattermost/types": {
+      "version": "11.4.0",
+      "resolved": "https://registry.npmjs.org/@mattermost/types/-/types-11.4.0.tgz",
+      "integrity": "sha512-oYt7vvsa60hPpujcCBYeyd+22OwprEAtFXgVJrsdd9pR1qkEGU4F+uv8bh6ZTBSZAQnc2/xXQPZJGGR06toteA==",
+      "license": "MIT",
+      "peerDependencies": {
+        "typescript": "^4.3.0 || ^5.0.0"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/mattermost-redux/node_modules/redux": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/redux/-/redux-5.0.1.tgz",
+      "integrity": "sha512-M9/ELqF6fy8FwmkpnF0S3YKOqMyoWJ4+CS5Efg2ct3oY9daQvd/Pc71FpGZsVsbl3Cpb+IIcjBDUnnyBdQbq4w==",
+      "license": "MIT"
+    },
+    "node_modules/mattermost-redux/node_modules/redux-thunk": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/redux-thunk/-/redux-thunk-3.1.0.tgz",
+      "integrity": "sha512-NW2r5T6ksUKXCabzhL9z+h206HQw/NJkcLm1GPImRQ8IzfXwRGqjVhKJGauHirT0DAuyy6hjdnMZaRoAcy0Klw==",
+      "license": "MIT",
+      "peerDependencies": {
+        "redux": "^5.0.0"
+      }
+    },
     "node_modules/mdast-util-from-markdown": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/mdast-util-from-markdown/-/mdast-util-from-markdown-2.0.2.tgz",
@@ -16033,15 +16079,6 @@
         "redux": ">=1.0.0"
       }
     },
-    "node_modules/redux-thunk": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/redux-thunk/-/redux-thunk-2.4.2.tgz",
-      "integrity": "sha512-+P3TjtnP0k/FEjcBL5FZpoovtvrTNT/UXd4/sluaSyrURlSlhLSzEdfsTBW7WsKB6yPvgd7q/iZPICFjW4o57Q==",
-      "license": "MIT",
-      "peerDependencies": {
-        "redux": "^4"
-      }
-    },
     "node_modules/reflect.getprototypeof": {
       "version": "1.0.10",
       "resolved": "https://registry.npmjs.org/reflect.getprototypeof/-/reflect.getprototypeof-1.0.10.tgz",
diff --git a/webapp/package.json b/webapp/package.json
index af32492b4..e81bd81b0 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -70,7 +70,7 @@
     "core-js": "3.39.0",
     "csstype": "3.0.3",
     "debounce-promise": "3.1.2",
-    "mattermost-redux": "10.9.0",
+    "mattermost-redux": "11.4.0",
     "node-fetch": "2.6.7",
     "prop-types": "15.7.2",
     "react": "18.2.0",