fix: update vulnerable dependencies #28

maximus merged 2 commits from fix/simpl-liste-26-vulnerable-deps into master 2026-03-31 00:02:08 +00:00

2 commits

Author SHA1 Message Date
escouade-bot
aa7ca20731 fix: use npm audit fix instead of broad overrides for vulnerable deps (#26)
Replace aggressive >=major overrides (picomatch>=4, brace-expansion>=2, etc.)
with npm audit fix which patches each dependency within its compatible semver
range: picomatch 2.3.2/3.0.2/4.0.4, brace-expansion 1.1.13/2.0.3/5.0.5,
undici 6.24.1, node-forge 1.4.0, tar 7.5.13, yaml 1.10.3/2.8.3.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 02:03:32 -04:00
escouade-bot
36e138ec55 fix: override vulnerable transitive dependencies with patched versions (#26)
Add npm overrides for picomatch, node-forge, tar, undici, brace-expansion,
and yaml to resolve 6 security vulnerabilities (4 high, 2 moderate).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 00:01:26 -04:00
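
The following Node.js check is an added example, not code from this pull request or the project. It illustrates the problem the later commit describes: an open-ended override such as `picomatch>=4` pushes a dependent that declared an older major outside its compatible semver range. The `>=` override values come from the commit message; the dependent package names, their ranges and the exact `yaml` pin are constructed for illustration.

```javascript
// Added example: flag npm "overrides" whose open-ended ">=X" floor is already
// above everything a dependent's caret range allows (guaranteed mismatch).
const SAMPLE_OVERRIDES = { // ">=" values from the commit message; yaml pin is constructed
  picomatch: '>=4', 'brace-expansion': '>=2', yaml: '2.8.3',
};
const SAMPLE_DEPENDENTS = [ // constructed: hypothetical packages and ranges
  { name: 'example-glob-lib', requires: 'picomatch', range: '^2.3.1' },
  { name: 'example-matcher', requires: 'picomatch', range: '^4.0.2' },
  { name: 'example-expander', requires: 'brace-expansion', range: '^1.1.7' },
];

// Parse "4", "4.1" or "4.1.2" into [major, minor, patch], padding with zeros.
function parseVersion(v) {
  const parts = v.trim().split('.').map((n) => parseInt(n, 10));
  while (parts.length < 3) parts.push(0);
  if (parts.length !== 3 || parts.some(Number.isNaN)) throw new Error(`unsupported version: ${v}`);
  return parts;
}

// Exclusive upper bound of a caret range under npm semver rules:
// ^1.2.3 -> <2.0.0, ^0.2.3 -> <0.3.0, ^0.0.3 -> <0.0.4
function caretUpperBound([maj, min, pat]) {
  if (maj > 0) return [maj + 1, 0, 0];
  if (min > 0) return [0, min + 1, 0];
  return [0, 0, pat + 1];
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Only ">=X" overrides and full "^x.y.z" dependent ranges are examined.
function auditOverrides(overrides, dependents) {
  const findings = [];
  for (const [pkg, range] of Object.entries(overrides)) {
    const m = /^>=\s*(\d+(?:\.\d+){0,2})$/.exec(range);
    if (!m) continue; // exact pin or bounded range: skipped
    const floor = parseVersion(m[1]);
    for (const dep of dependents.filter((d) => d.requires === pkg)) {
      const c = /^\^(\d+\.\d+\.\d+)$/.exec(dep.range);
      if (!c) continue;
      // Override floor at or above the caret's upper bound: no version fits both.
      if (compare(floor, caretUpperBound(parseVersion(c[1]))) >= 0) {
        findings.push({ pkg, override: range, dependent: dep.name, declared: dep.range });
      }
    }
  }
  return findings;
}
console.log(auditOverrides(SAMPLE_OVERRIDES, SAMPLE_DEPENDENTS));
```

The check reports only guaranteed mismatches; an open-ended override whose floor lies inside a dependent's range can still resolve to a newer major and should be reviewed by hand.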