VULN UPGRADE: minor upgrades — 12 packages (minor: 5 · patch: 7) [prebuild/node_modules]

[campaigner-prod]

Summary: Security update — 12 packages upgraded (MINOR changes included)

Manifests changed:

• prebuild/node_modules (npm)

Updates

Package	From	To	Type	Vulnerabilities Fixed
js-yaml	4.1.0	4.1.1	patch	2 MODERATE
lodash-es	4.17.21	4.17.23	patch	2 MODERATE
@types/inquirer	8.1.3	8.2.12	minor	-
chalk	4	4.1.2	minor	-
clipanion	3.1.0	3.2.1	minor	-
fdir	5.1.0	5.3.0	minor	-
tslib	2.3.1	2.8.1	minor	-
@types/js-yaml	4.0.5	4.0.9	patch	-
@types/lodash-es	4.17.5	4.17.12	patch	-
debug	4.3.3	4.3.7	patch	-
inquirer	8.2.0	8.2.7	patch	-
typanion	3.7.1	3.7.2	patch	-

Packages marked with "-" are updated due to dependency constraints.

---

Security Details

ℹ️ Other Vulnerabilities (4)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
js-yaml	GHSA-mh29-5h37-fv8m	MODERATE	js-yaml has prototype pollution in merge (<<)	4.1.0	4.1.1
js-yaml	CVE-2025-64718	MODERATE	js-yaml has prototype pollution in merge (<<)	4.1.0	-
lodash-es	GHSA-xxjr-mmjv-4gpg	MODERATE	Lodash has Prototype Pollution Vulnerability in _.unset and _.omit functions	4.17.21	4.17.23
lodash-es	CVE-2025-13465	MODERATE	-	4.17.21	-

---

Review Checklist

Standard review:

• Review changes for compatibility with your code
• Check for breaking changes in release notes
• Run tests locally or wait for CI

---

Update Mode: Vulnerability Remediation

🤖 Generated by DataDog Automated Dependency Management System