Commit 53b8dec
committed
fix: apply non-breaking security updates via npm audit fix
- Update axios from ^1.7.2 to ^1.15.0 (fixes SSRF and header injection vulnerabilities - alerts 86, 88, 89)
- Update semantic-release from ^25.0.1 to ^25.0.3 (fixes undici vulnerabilities)
Note: Additional vulnerabilities require breaking changes:
- elliptic → requires storybook@7 (major refactor)
- prismjs → requires boemly@1.6.0 (breaking API changes)
- @tootallnate/once → requires jest@30 (breaking)
- picomatch/brace-expansion → bundled in npm, cannot fix
- undici → bundled in semantic-release1 parent e164995 commit 53b8dec
2 files changed
Lines changed: 1846 additions & 2113 deletions
0 commit comments