Skip to content

fix: resolve npm audit vulnerabilities with overrides#400

Closed
theluckystrike wants to merge 2 commits intotilfinltd:mainfrom
theluckystrike:fix/npm-audit-vulns
Closed

fix: resolve npm audit vulnerabilities with overrides#400
theluckystrike wants to merge 2 commits intotilfinltd:mainfrom
theluckystrike:fix/npm-audit-vulns

Conversation

@theluckystrike
Copy link
Contributor

@theluckystrike theluckystrike commented Mar 4, 2026

Resolves 3 security vulnerabilities in transitive dependencies (diff, serialize-javascript, mocha) by adding npm overrides.

Changes

  • Added npm overrides for diff (^8.0.3) and serialize-javascript (^7.0.4)
  • Updated devDependencies to latest versions
  • Fixes: DoS vulnerability in jsdiff, RCE vulnerability in serialize-javascript

Testing

  • npm audit: 0 vulnerabilities
  • npm test: 29 passing (2 pre-existing failures unrelated to this change)

Contributed by theluckystrike | Zovo — Chrome Extension Studio

theluckystrike and others added 2 commits March 4, 2026 16:28
@theluckystrike
fix: resolve npm audit vulnerabilities with overrides
81cb770 
- Add npm overrides for diff and serialize-javascript
- Resolves 3 high-severity vulnerabilities in transitive dependencies
- Updated devDependencies to latest versions
- All tests pass (2 pre-existing failures unrelated to changes)
@theluckystrike
fix: update test expectations for jsdom URL quoting behavior
42c8660
@theluckystrike
Copy link
Contributor Author

theluckystrike commented Mar 4, 2026

Closing — already had PR #399 merged here. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@theluckystrike