From 35e03ff033efa61884e0f692d2975f9bd9be192d Mon Sep 17 00:00:00 2001
From: Ryan Ling <ryan@outlook.com.au>
Date: Wed, 13 Dec 2023 09:55:46 +1100
Subject: [PATCH] Permit major upgrades to @koa/cors@5

These can be removed once we revert #96.

https://nvd.nist.goiv/vuln/detail/CVE-2023-49803
---
 default.json           | 7 +++++++
 non-critical.json      | 7 +++++++
 third-party-major.json | 7 +++++++
 3 files changed, 21 insertions(+)

diff --git a/default.json b/default.json
index 2f68b40..488627c 100644
--- a/default.json
+++ b/default.json
@@ -45,6 +45,13 @@
 
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "matchManagers": ["npm"],
       "matchPackageNames": ["eslint"],
diff --git a/non-critical.json b/non-critical.json
index e19b328..3e6f181 100644
--- a/non-critical.json
+++ b/non-critical.json
@@ -21,6 +21,13 @@
       "matchUpdateTypes": ["major"],
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "matchManagers": ["npm"],
       "matchPackageNames": ["aws-sdk-mock"],
diff --git a/third-party-major.json b/third-party-major.json
index e7903a1..dc46aea 100644
--- a/third-party-major.json
+++ b/third-party-major.json
@@ -57,6 +57,13 @@
 
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "excludePackagePatterns": ["^seek-jobs/", "^seek-oss/"],
       "matchManagers": ["buildkite"],