Skip to content

chore(security): fix npm audit vulnerabilities#3

Draft
calebwilson706 wants to merge 1 commit into
mainfrom
security/npm-audit-fix
Draft

chore(security): fix npm audit vulnerabilities#3
calebwilson706 wants to merge 1 commit into
mainfrom
security/npm-audit-fix

Conversation

@calebwilson706

Copy link
Copy Markdown
Collaborator

Resolves all open npm audit alerts via npm audit fix (non-breaking, within existing semver ranges — only package-lock.json changed).

Vulnerabilities: 7 → 0

Package From → To Severity
hono 4.12.7 → 4.12.29 high + moderate
path-to-regexp 8.3.0 → 8.4.2 high
ip-address 10.1.0 → 10.2.0 moderate
express-rate-limit 8.3.1 → 8.5.2 moderate
qs 6.15.0 → 6.15.3 moderate

Incidental transitive bumps: @hono/node-server 1.19.11→1.19.14, es-object-atoms 1.1.1→1.1.2, fast-uri 3.1.0→3.1.3, hasown 2.0.2→2.0.4, side-channel 1.1.0→1.1.1, side-channel-list 1.0.0→1.0.1.

npm audit after the fix reports 0 vulnerabilities.

Note: base retargeted to main because the original working branch feat/github-copilot-migration has already been merged into main and removed from origin; the diff is the lockfile change only.

🤖 Generated with Claude Code

Resolves npm audit alerts via `npm audit fix` (non-breaking).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant