
chore(SEC-10719): upgrade vm2 to 3.11.1 #25

Merged
alexz-phantom merged 1 commit into main from autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic
May 7, 2026

Conversation


@phantom-autopilot phantom-autopilot Bot commented May 7, 2026

Summary

Upgrades vm2 resolution from 3.11.0 to 3.11.1 to remediate GHSA-8hg8-63c5-gwmx (CVE-2026-44007, CRITICAL).

The advisory describes a sandbox escape: vm2 NodeVM with nesting: true bypasses require: false, allowing arbitrary OS command execution.

vm2 is pulled in transitively via degenerator and pinned through the resolutions field in package.json. Bumping the resolution to 3.11.1 forces the patched version into the lockfile.

Linear

SEC-10719

Changes

  • package.json — bump resolutions.vm2 from 3.11.0 to 3.11.1
  • yarn.lock — regenerated to resolve vm2@npm:3.11.1

Test plan

  • yarn install — succeeds
  • yarn typecheck — passes
  • yarn lint — passes
  • yarn test — passes
  • CodeRabbit review — no code findings

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated dependencies to maintain compatibility and security.

Resolves GHSA-8hg8-63c5-gwmx (CVE-2026-44007): vm2 NodeVM nesting:true
bypasses require:false allowing sandbox escape. Upgrade vm2 resolution
from 3.11.0 to 3.11.1.
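The verification the PR relies on (the resolutions pin and the lockfile both pointing at a version outside the advisory's vulnerable range) can be scripted. The block below is an added example, not code from this PR or from the react-native-juicebox-sdk project: it parses Yarn Berry lockfile entries of the shape the transcript greps for (`"vm2@npm:3.11.0":` with an indented `version:` line) and reports any vm2 resolution still at or below 3.11.0. The lockfile excerpt and package.json objects are constructed fixtures.

```javascript
// Added example (not code from this PR or the SDK): audit yarn.lock and
// package.json for a vulnerable transitive package. Advisory values are from the PR.
const ADVISORY = { pkg: "vm2", vulnerableMax: "3.11.0", fixed: "3.11.1" };

// Parse x.y.z into numbers; pre-release suffixes are ignored (simplification).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}
function compareVersions(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] - pb[i];
  return 0;
}
// Every resolved version of `pkg` in a Yarn Berry lockfile. Entry headers look
// like "vm2@npm:3.11.0": (possibly several descriptors); the body has version:.
function resolvedVersions(lockText, pkg) {
  const out = [];
  const lines = lockText.split("\n");
  for (let i = 0; i < lines.length; i++) {
    const header = /^"?([^"\n]+?)"?:\s*$/.exec(lines[i]);
    if (!header || lines[i].startsWith(" ")) continue;
    const descriptors = header[1].split(",").map((d) => d.trim());
    if (!descriptors.some((d) => d.startsWith(`${pkg}@`))) continue;
    for (let j = i + 1; j < lines.length && lines[j].startsWith(" "); j++) {
      const ver = /^\s+version:\s*(\S+)/.exec(lines[j]);
      if (ver) { out.push({ descriptors, version: ver[1] }); break; }
    }
  }
  return out;
}
// Findings as strings; an empty array means no vulnerable copy remains.
function auditVm2(lockText, packageJson, adv = ADVISORY) {
  const findings = [];
  const pin = packageJson.resolutions && packageJson.resolutions[adv.pkg];
  if (pin && compareVersions(pin, adv.fixed) < 0) {
    findings.push(`package.json resolutions pins ${adv.pkg} to ${pin} (< fix ${adv.fixed})`);
  }
  for (const { descriptors, version } of resolvedVersions(lockText, adv.pkg)) {
    if (compareVersions(version, adv.vulnerableMax) <= 0) {
      findings.push(`yarn.lock resolves ${descriptors.join(", ")} to ${version} (<= ${adv.vulnerableMax})`);
    }
  }
  return findings;
}
// Constructed lockfile excerpt modeled on the grep output in the transcript.
const LOCK_BEFORE = `"degenerator@npm:4.0.4":
  version: 4.0.4
  dependencies:
    vm2: ^3

"vm2@npm:3.11.0":
  version: 3.11.0
  resolution: "vm2@npm:3.11.0"
`;
const LOCK_AFTER = LOCK_BEFORE.replace(/3\.11\.0/g, "3.11.1");
const PKG_BEFORE = { resolutions: { vm2: "3.11.0" } };
const PKG_AFTER = { resolutions: { vm2: "3.11.1" } };
console.log(auditVm2(LOCK_BEFORE, PKG_BEFORE), auditVm2(LOCK_AFTER, PKG_AFTER));
```

Run against a real checkout by reading `yarn.lock` and `package.json` from disk; a non-empty result is the condition that should fail CI until the pin and the lockfile both move past the fix version.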

coderabbitai Bot commented May 7, 2026

Review Change Stack
No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 50d82f28-0b8b-46f4-a3b5-0795f22ffef9

📥 Commits

Reviewing files that changed from the base of the PR and between 8743e44 and 8b05fc5.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json

📝 Walkthrough

The PR updates the Yarn resolutions constraint for the vm2 transitive dependency from 3.11.0 to 3.11.1 in package.json. This is a patch-level version bump with no changes to package version, scripts, or other metadata fields.

Changes

Dependency Resolution Update

Layer                             File(s)       Summary
Transitive Dependency Resolution  package.json  The vm2 version in resolutions is updated from 3.11.0 to 3.11.1.

Possibly related PRs

  • phantom/react-native-juicebox-sdk#21: Both PRs modify package.json's Yarn resolutions for the same transitive dependency (vm2), with the main PR updating the vm2 pin from 3.11.0 to 3.11.1.

Suggested reviewers

  • alexz-phantom
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)

Check name                  Status     Explanation
Description Check           ✅ Passed  Check skipped - CodeRabbit's high-level summary is enabled.
Title check                 ✅ Passed  The title clearly and specifically describes the main change: upgrading the vm2 dependency to version 3.11.1 to address a critical security vulnerability (SEC-10719).
Docstring Coverage          ✅ Passed  No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check         ✅ Passed  Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check  ✅ Passed  Check skipped because no linked issues were found for this pull request.


Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.



@phantom-autopilot phantom-autopilot Bot added the dep-upgrade-success Dependency upgrade completed successfully label May 7, 2026
@phantom-autopilot (Author) commented

PR opened by agent

#25

@alexz-phantom alexz-phantom marked this pull request as ready for review May 7, 2026 15:30
@alexz-phantom alexz-phantom merged commit 4356441 into main May 7, 2026
14 checks passed
@alexz-phantom alexz-phantom deleted the autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic branch May 7, 2026 15:31
@phantom-autopilot (Author) commented

Claude Code v2.1.132 · Opus 4.7 · API Usage Billing · ~/projects

Welcome to Opus 4.7 xhigh! · /effort to tune speed vs. intelligence

❯ Work in ~/projects/react-native-juicebox-sdk.

Task

Implement Linear ticket SEC-10719: [CRITICAL] Upgrade vm2 in github.com/phantom/react-native-juicebox-sdk to 3.11.1 (GHSA-8hg8-63c5-gwmx)

Description

Implement Linear ticket SEC-10719: [CRITICAL] Upgrade vm2 in github.com/phantom/react-native-juicebox-sdk to 3.11.1 (GHSA-8hg8-63c5-gwmx)

Description:

Security Advisory

Advisory: [GHSA-8hg8-63c5-gwmx](<https://github.com/advisories/GHSA-8hg8-63c5-gwmx>) (CVE-2026-44007)
Severity: CRITICAL
Package: vm2 (npm)
Repository: [github.com/phantom/react-native-juicebox-sdk](<http://github.com/phantom/react-native-juicebox-sdk>)
Current Version: 3.11.0
Vulnerable Range: <= 3.11.0
Fix Version: 3.11.1

Summary

vm2 NodeVM nesting: true bypasses require: false allowing sandbox escape and arbitrary OS command execution

Autopilot Instructions

  • PR title format: Use chore(<ticket-id>): upgrade vm2 to 3.11.1
  • Scope: Only make changes directly required to resolve this ticket. Do not modify, add, or remove anything unrelated to the upgrade described above.
  • Dependency compatibility: After upgrading the target package, verify that no other direct dependencies constrain it to a range that excludes the new version. If a conflict exists, upgrade the constraining package to a compatible version.
  • Environment workarounds must not be committed: Temporary local workarounds are allowed, but they must not be in the final diff.
  • Pre-existing failures: If a check already failed on the base branch, do not fix it.
  • How to tell if a failure is yours: Check whether the failing file or dependency graph was touched by your changes.
  • Completion Action: When the PR is created, remove "dep-upgrade-pending" and add "dep-upgrade-success". If the automation cannot complete, use "dep-upgrade-failed".

Auto-created by GHSA event handler

Instructions

  1. Wait for the repo clone to finish before doing anything else.
     In production the workspace bootstrap clones repos asynchronously, so the project directory may not exist yet and .git/HEAD may not resolve when you start. Some repos aren't in the bootstrap list at all — for those the command below self-clones via the broker before continuing.

     CRITICAL — paste the command below verbatim as your FIRST Bash tool call:

     • Do NOT split the command into separate sleep N / cd / git clone calls — the harness blocks that multi-step pattern with "Blocked: sleep N followed by …". Paste it as one Bash invocation.

     • Do NOT paraphrase, simplify, or rewrite the readiness check or the self-clone fallback. The form below is the only one that works.

     • Invoke Bash with an explicit timeout of 420000ms so the tool-level timeout does not kill the self-clone fallback before it finishes (up to 300s bootstrap settle + 60s clone timeout + headroom).

       end=$(($(date +%s)+300)); prev=""; stable=0
       while [ $(date +%s) -lt $end ]; do
         curr=$(ls -1A ~/projects/ 2>/dev/null | sort | wc -c)
         if [ "$curr" -gt 0 ] && [ "$curr" = "$prev" ]; then stable=$((stable+1)); [ "$stable" -ge 4 ] && break; else stable=0; fi
         prev="$curr"; sleep 2
       done
       if ! (cd ~/projects/react-native-juicebox-sdk 2>/dev/null && git rev-parse HEAD >/dev/null 2>&1); then
         echo "phantom/react-native-juicebox-sdk not present at ~/projects/react-native-juicebox-sdk — self-cloning via broker..." >&2
         rm -rf ~/projects/react-native-juicebox-sdk; mkdir -p ~/projects
         if ! timeout 60 git clone --quiet --depth=50 --no-single-branch "https://github.com/phantom/react-native-juicebox-sdk.git" ~/projects/react-native-juicebox-sdk; then
           rm -rf ~/projects/react-native-juicebox-sdk
           echo "FATAL: self-clone of phantom/react-native-juicebox-sdk failed. The phantom-coder-bot GitHub App likely has no access to this repo (broker returns 403 if the App's installation does not include phantom/react-native-juicebox-sdk). Add it under https://github.com/organizations/phantom/settings/installations, or include it in the workspace template's bootstrap list." >&2
           exit 1
         fi
       fi
       cd ~/projects/react-native-juicebox-sdk || exit 1

     The repo name (react-native-juicebox-sdk) is already filled in — paste the command verbatim, there is nothing to substitute.

     It waits for ~/projects/ to settle (bootstrap finished cloning, or 300s elapsed), then self-clones via plain git clone over HTTPS if the target repo isn't a working git checkout. The clone is wrapped in timeout 60 so a hung credential helper (e.g. broker 403 because the GitHub App isn't installed on the repo) fails fast with a descriptive FATAL message instead of burning the full Bash timeout. On success you will already be inside the project directory; on failure the partial clone directory is removed so subsequent commands don't trip on a half-cloned repo.

     Do not run any git branch operations until the command above exits.

  2. Check out branch: autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic

  3. Read the repo's CLAUDE.md or AGENTS.md for conventions

  4. If .autopilot/prompts.yml exists, follow its guidance

  5. Plan the implementation, then implement it

  6. Run validation: if .autopilot/commands.yml exists, run each stage

  7. Iterate until all checks pass (max 10 rounds)

  8. Run /self-heal to validate quality and auto-fix issues locally (CodeRabbit reviews the local diff — do NOT open a PR yet)

  9. Commit and push: git add -A && if ! git diff --cached --quiet; then git commit -S -m "<conventional message>" && git push; else echo "No changes to commit"; fi

  10. Create a draft PR with gh pr create --draft using the workspace gh wrapper; do not run gh auth or /refresh-github-token

  11. Update the Linear ticket with progress via the Linear MCP

Called coder

● Bash(end=$(($(date +%s)+300)); prev=""; stable=0; while [ $(date +%s) -lt $end ]; do curr=$(ls -1A ~/projects/ 2>/dev/null | sort | wc -c); if [ "$curr" -gt 0 ] && […)
  ⎿  phantom/react-native-juicebox-sdk not present at ~/projects/react-native-juicebox-sdk — self-cloning via broker...
  ⎿  (timeout 7m)

● Bash(cd ~/projects/react-native-juicebox-sdk && git rev-parse HEAD && git status && ls -la)
  ⎿  8743e449a84c82994452bbb8f2ee01806636255f
     On branch main
     Your branch is up to date with 'origin/main'.
     … +28 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && git checkout -b autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic 2>&1 || git checkou…)
  ⎿  Switched to a new branch 'autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic'

● Bash(cd ~/projects/react-native-juicebox-sdk && ls -la .autopilot/ 2>/dev/null; ls CLAUDE.md AGENTS.md 2>/dev/null)
  ⎿  Error: Exit code 2

● Bash(cd ~/projects/react-native-juicebox-sdk && ls -la .autopilot 2>&1; echo "---"; ls -la CLAUDE.md AGENTS.md 2>&1; echo "---"; grep -n "vm2" package.json yarn.lock…)
  ⎿  ls: cannot access '.autopilot': No such file or directory
     ---
     ls: cannot access 'CLAUDE.md': No such file or directory
     … +7 lines

Read 1 file

● Bash(cd ~/projects/react-native-juicebox-sdk && grep -n -B1 -A8 "vm2@npm:3.11.0" yarn.lock | head -30; echo "---"; grep -n "vm2: ^3" yarn.lock | head -5)
  ⎿  14130-
     14131:"vm2@npm:3.11.0":
     14132-  version: 3.11.0
     … +13 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && grep -n -B5 "vm2: ^3" yarn.lock | head -20)
  ⎿  6342-  resolution: "degenerator@npm:4.0.4"
     6343-  dependencies:
     6344-    ast-types: ^0.13.4
     … +3 lines

● Update(package.json)
⎿  Added 1 line, removed 1 line
76 },
77 "resolutions": {
78 "@types/react": "~19.1.0",
79 - "vm2": "3.11.0",
79 + "vm2": "3.11.1",
80 "micromatch": "^4.0.8"
81 },
82 "peerDependencies": {
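Review bot: the edited line keeps vm2 pinned to an exact version ("3.11.1") under resolutions, so the next vm2 advisory will need another manual bump, and the override will keep winning over degenerator's own `vm2: ^3` range (visible in the yarn.lock grep above) even once newer patches exist. Consider whether a range such as "^3.11.1" is acceptable here so later patch releases are picked up by a plain lockfile refresh; if the exact pin is intentional, say so in the PR description next to the "pinned through the resolutions field" sentence so a future reader knows not to widen it.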

● Bash(cd ~/projects/react-native-juicebox-sdk && cat .nvmrc; node --version; which yarn; yarn --version)
  ⎿  v24
     v22.14.0
     /usr/local/bin/yarn
     … +3 lines

● Bash(command -v nvm; ls -la /home/coder/.nvm 2>/dev/null | head -5; which fnm; ls /usr/local/bin/node*; cat /home/coder/.nvmrc 2>/dev/null; type -a node)
  ⎿  nvm
     /usr/local/bin/node
     node is /usr/local/bin/node

● Bash(source /usr/share/nvm/init-nvm.sh 2>/dev/null || source ~/.nvm/nvm.sh 2>/dev/null; nvm --version 2>&1 | head -3; nvm ls 2>&1 | head -10)
  ⎿  0.40.3
     v22.14.0 *
     v24.11.1 *
     … +8 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && source ~/.nvm/nvm.sh && nvm use 24 && node --version && yarn install 2>&1 | tail -40)
  ⎿  Error: Exit code 1
     /bin/bash: line 3: /home/coder/.nvm/nvm.sh: No such file or directory

Searched for 1 pattern

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh && nvm use 24 && node --version && yarn install 2>&1 | tail -50)
  ⎿  Now using node v24.11.1 (npm v11.6.2)
     v24.11.1
     ➤ YN0013: │ yaml@npm:1.10.2 can't be found in the cache a
     … +78 lines
  ⎿  (timeout 10m)

● Bash(cd ~/projects/react-native-juicebox-sdk && grep -n -A8 "vm2@npm:" yarn.lock | head -30)
  ⎿  14131:"vm2@npm:3.11.1":
     14132-  version: 3.11.1
     14133:  resolution: "vm2@npm:3.11.1"
     … +10 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && git status)
  ⎿  On branch autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic
     Changes not staged for commit:
     … +9 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh >/dev/null 2>&1 && nvm use 24 >/dev/null 2>&1 && yarn typecheck 2>&1 | tai…)
  ⎿  (No output)

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh >/dev/null 2>&1 && nvm use 24 >/dev/null 2>&1 && yarn typecheck; echo "EXI…)
  ⎿  EXIT=0

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh >/dev/null 2>&1 && nvm use 24 >/dev/null 2>&1 && yarn lint 2>&1 | tail -20…)
  ⎿  EXIT=0
  ⎿  (timeout 5m)

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh >/dev/null 2>&1 && nvm use 24 >/dev/null 2>&1 && yarn test 2>&1 | tail -30…)
  ⎿  PASS src/tests/index.test.tsx
     ✎ todo write a test
     … +6 lines
  ⎿  (timeout 10m)
● All checks pass. Now let me run self-heal.

● Bash(cd ~/projects/react-native-juicebox-sdk && git diff --stat)
  ⎿   package.json | 2 +-
      yarn.lock    | 8 ++++----
      2 files changed, 5 insertions(+), 5 deletions(-)

● Skill(self-heal)
  ⎿  Successfully loaded skill

● Bash(cd ~/projects/react-native-juicebox-sdk && ls README.md && command -v coderabbit; ls scripts/ 2>/dev/null)
  ⎿  README.md
     /usr/local/bin/coderabbit
     build-juicebox-aar.sh
     pod-install.cjs

● Bash(cd ~/projects/react-native-juicebox-sdk && grep -E "(format|lint|typecheck)" README.md | head -20)
  ⎿  (No output)

● Bash(cd ~/projects/react-native-juicebox-sdk && source /home/coder/.local/share/nvm/nvm.sh >/dev/null 2>&1 && nvm use 24 >/dev/null 2>&1 && coderabbit review --plain…)
  ⎿  ╔═══════════════════════════════════════════╗
     ║                                           ║
     ║ New update available! 0.4.1 -> 0.4.5      ║
     … +27 lines
  ⎿  (timeout 10m)

● CodeRabbit's only finding is about the PR title — which I'll set correctly when I create it. No code changes needed.

✅ Self-heal passed

  • Lint: PASS
  • Typecheck: PASS
  • Tests: PASS
  • CodeRabbit: 1 finding (PR title format) — will be addressed at PR creation

● Bash(cd ~/projects/react-native-juicebox-sdk && git add package.json yarn.lock && git diff --cached --stat)
  ⎿   package.json | 2 +-
      yarn.lock    | 8 ++++----
      2 files changed, 5 insertions(+), 5 deletions(-)

● Bash(cd ~/projects/react-native-juicebox-sdk && git commit -S -m "chore(SEC-10719): upgrade vm2 to 3.11.1…)
  ⎿  [autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic 8b05fc5] chore(SEC-10719): upgrade vm2 to 3.11.1
     2 files changed, 5 insertions(+), 5 deletions(-)

● Bash(cd ~/projects/react-native-juicebox-sdk && git push -u origin autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-juic 2>&1 | tail -10)
  ⎿  remote:
     remote: Create a pull request for 'autopilot2/sec-10719_critical-upgrade-vm2-in-github-com-phantom-react-native-ju
     … +13 lines

● Bash(cd ~/projects/react-native-juicebox-sdk && gh pr create --draft --title "chore(SEC-10719): upgrade vm2 to 3.11.1" --body "$(cat <<'EOF'
     ## Summary…)
  ⎿  https://github.com/phantom/react-native-juicebox-sdk/pull/25

● Bash(cd ~/projects/react-native-juicebox-sdk && gh pr edit 25 --remove-label "dep-upgrade-pending" --add-label "dep-upgrade-success" 2>&1 | tail -10)
  ⎿  'dep-upgrade-success' not found

● Bash(cd ~/projects/react-native-juicebox-sdk && gh label list 2>&1 | grep -i "dep-upgrade")
  ⎿  No matches found

● Bash(cd ~/projects/react-native-juicebox-sdk && gh label create "dep-upgrade-success" --color "0E8A16" --description "Dependency upgrade completed successfully" 2>&1…)
  ⎿  (No output)

● Bash(cd ~/projects/react-native-juicebox-sdk && gh pr edit 25 --add-label "dep-upgrade-success" 2>&1 | tail -5; gh pr view 25 --json labels 2>&1 | tail -10)
  ⎿  https://github.com/phantom/react-native-juicebox-sdk/pull/25
     {
     … +10 lines

● Now update the Linear ticket.

Called linear, coder 2 times

● SEC-10719 complete.

PR: #25 (draft)

Changes:

  • package.json — resolutions.vm2: 3.11.0 → 3.11.1
  • yarn.lock — regenerated to resolve vm2@npm:3.11.1

vm2 is transitive (via degenerator) and pinned through resolutions; no other deps required upgrading. All local checks pass (typecheck, lint, test, CodeRabbit). Label dep-upgrade-success applied; Linear ticket commented.

✻ Cooked for 8m 19s
