Skip to content

Address "high" and "moderate" level Dependabot security issues #4283

New issue
New issue
Open
Dev
Open
Address "high" and "moderate" level Dependabot security issues#4283
Dev
Labels
devissue is for the dev team
@CocoByte

Description

@CocoByte
CocoByte
opened on Oct 14, 2025

Issue description

We have several "high" and "moderate" level security alerts that dependabot has suggested resolutions for. We should resolve them.

Go to https://github.com/cisagov/manage.get.gov/security/dependabot and examine the recommended adjustments dependabot is providing for each alert. Resolve as part of this ticket (or if it requires extra work or research, create another ticket)

Acceptance criteria

  • All "high" and "moderate" level security alerts identified by dependabot have been addressed

Additional context

It could be that some package updates will resolve multiple alerts.

Links to other issues

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    devissue is for the dev team

    Type

    Dev

    Projects

    .gov Product Board

    Status

    👶 New

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions