[Snyk] Security upgrade @graphql-codegen/cli from 1.21.5 to 6.0.0

[must479]

Snyk has created this PR to fix 2 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning

Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	791
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
uniswap-interface-oexk-nwsw	Error			Oct 4, 2025 10:05pm

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	side-channel@​1.0.4
	is-interactive@​1.0.0
	has-tostringtag@​1.0.0
	is-negative-zero@​2.0.1
	get-symbol-description@​1.0.0
	unbox-primitive@​1.0.1
	is-date-object@​1.0.5
	is-shared-array-buffer@​1.0.1
	is-bigint@​1.0.4
	internal-slot@​1.0.3
	array.prototype.flatmap@​1.2.4
	is-weakref@​1.0.1
	which-boxed-primitive@​1.0.2
	is-string@​1.0.7
	is-number-object@​1.0.6
	is-symbol@​1.0.4
	string.prototype.trimend@​1.0.4
	string.prototype.trimstart@​1.0.4
	is-regex@​1.1.4
	is-boolean-object@​1.1.2
	nullthrows@​1.1.1
	at-least-node@​1.0.0
	signedsource@​1.0.0
	@​graphql-codegen/​typescript-rtk-query@​1.1.1
	set-blocking@​2.0.0
	@​graphql-codegen/​typescript-operations@​1.18.2
	require-main-filename@​2.0.0
	@​babel/​plugin-syntax-flow@​7.14.5
	fbjs-css-vars@​1.0.2
	relay-compiler@​10.1.0
	relay-runtime@​10.1.0
	@​babel/​plugin-transform-flow-strip-types@​7.14.5
	@​graphql-tools/​relay-operation-optimizer@​6.3.0
	decamelize@​1.2.0
See 60 more rows in the dashboard

View full report