Skip to content

fix(deps): clear all 7 dependabot advisories#2

Open
StoneyEagle wants to merge 1 commit into
mainfrom
fix/cve-bulk-20260518
Open

fix(deps): clear all 7 dependabot advisories#2
StoneyEagle wants to merge 1 commit into
mainfrom
fix/cve-bulk-20260518

Conversation

@StoneyEagle
Copy link
Copy Markdown
Owner

@StoneyEagle StoneyEagle commented May 18, 2026

Summary

  • bump mermaid ^11.4.1 -> ^11.15.0 (direct dep)
  • pin transitives via pnpm.overrides: esbuild ^0.25.0, vite ^6.4.2, uuid ^11.1.1

Clears all 7 open Dependabot advisories (#1-#7, all npm/medium severity, all in githubMarkdown.desktop/pnpm-lock.yaml).

Verified: pnpm install clean. Lockfile pins mermaid@11.15.0, vite@6.4.2, esbuild@0.25.12, uuid@11.1.1 (single resolution each, no stragglers).

@StoneyEagle
fix(deps): clear all 7 dependabot advisories
94a540c 
- bump mermaid ^11.4.1 -> ^11.15.0 (direct dep)
- pnpm.overrides: esbuild ^0.25.0, vite ^6.4.2, uuid ^11.1.1

Verified: pnpm install clean.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@StoneyEagle