Skip to content

chore(deps): bump vulnerable website deps to resolve security alerts#2005

Merged
B4nan merged 1 commit into
masterfrom
chore/security-deps-bump-2
Jul 2, 2026
Merged

chore(deps): bump vulnerable website deps to resolve security alerts#2005
B4nan merged 1 commit into
masterfrom
chore/security-deps-bump-2

Conversation

@B4nan

@B4nan B4nan commented Jul 2, 2026

Copy link
Copy Markdown
Member

Lockfile-only bumps in the docs website (pnpm project) to resolve Dependabot alerts. No package.json or pnpm overrides changed.

Fixed

Package Old → New Severity
undici 7.25.0 → 7.28.0 high/medium/low
dompurify 3.4.10 → 3.4.11 medium
http-proxy-middleware 2.0.9 → 2.0.10 medium
js-yaml (v3 line via gray-matter) 3.14.2 → 3.15.0 medium
webpack-dev-server 5.2.3 → 5.2.5 medium

All target packages are now at or above their patched versions.

🤖 Generated with Claude Code

@B4nan B4nan added the adhoc Ad-hoc unplanned task added during the sprint. label Jul 2, 2026
@B4nan B4nan requested a review from barjin July 2, 2026 07:35
@codecov

codecov Bot commented Jul 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.35%. Comparing base (288add8) to head (41cf03f).

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #2005   +/-   ##
=======================================
  Coverage   93.35%   93.35%           
=======================================
  Files         179      179           
  Lines       12482    12482           
=======================================
  Hits        11652    11652           
  Misses        830      830           
Flag Coverage Δ
unit 93.35% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@B4nan B4nan merged commit 7780e78 into master Jul 2, 2026
37 checks passed
@B4nan B4nan deleted the chore/security-deps-bump-2 branch July 2, 2026 09:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

adhoc Ad-hoc unplanned task added during the sprint.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants