Merge pull request #44 from adhocteam/automated-dependency-updates

mheadd · web-flow · commit 800772a16a6f · 2026-02-25T08:59:43.000-05:00
Automated Dependency Updates
diff --git a/audit-report.json b/audit-report.json
@@ -1,211 +1,175 @@
 {
   "auditReportVersion": 2,
   "vulnerabilities": {
-    "@eslint-community/eslint-utils": {
-      "name": "@eslint-community/eslint-utils",
-      "severity": "moderate",
-      "isDirect": false,
-      "via": [
-        "eslint"
-      ],
-      "effects": [
-        "@typescript-eslint/utils",
-        "eslint"
-      ],
-      "range": "*",
-      "nodes": [
-        "node_modules/@eslint-community/eslint-utils"
-      ],
-      "fixAvailable": false
-    },
-    "@eslint/eslintrc": {
-      "name": "@eslint/eslintrc",
-      "severity": "moderate",
-      "isDirect": false,
-      "via": [
-        "ajv"
-      ],
-      "effects": [
-        "eslint"
-      ],
-      "range": "*",
-      "nodes": [
-        "node_modules/@eslint/eslintrc"
-      ],
-      "fixAvailable": false
-    },
     "@typescript-eslint/eslint-plugin": {
       "name": "@typescript-eslint/eslint-plugin",
-      "severity": "moderate",
+      "severity": "high",
       "isDirect": true,
       "via": [
-        "@typescript-eslint/parser",
         "@typescript-eslint/type-utils",
-        "@typescript-eslint/utils",
-        "eslint"
+        "@typescript-eslint/utils"
       ],
       "effects": [],
-      "range": "*",
+      "range": "6.16.0 - 7.5.0",
       "nodes": [
         "node_modules/@typescript-eslint/eslint-plugin"
       ],
-      "fixAvailable": false
+      "fixAvailable": true
     },
     "@typescript-eslint/parser": {
       "name": "@typescript-eslint/parser",
-      "severity": "moderate",
+      "severity": "high",
       "isDirect": true,
       "via": [
-        "eslint"
+        "@typescript-eslint/typescript-estree"
       ],
-      "effects": [
-        "@typescript-eslint/eslint-plugin"
-      ],
-      "range": "*",
+      "effects": [],
+      "range": "6.16.0 - 7.5.0",
       "nodes": [
         "node_modules/@typescript-eslint/parser"
       ],
-      "fixAvailable": false
+      "fixAvailable": true
     },
     "@typescript-eslint/type-utils": {
       "name": "@typescript-eslint/type-utils",
-      "severity": "moderate",
+      "severity": "high",
+      "isDirect": false,
+      "via": [
+        "@typescript-eslint/typescript-estree",
+        "@typescript-eslint/utils"
+      ],
+      "effects": [],
+      "range": "6.16.0 - 7.5.0",
+      "nodes": [
+        "node_modules/@typescript-eslint/type-utils"
+      ],
+      "fixAvailable": true
+    },
+    "@typescript-eslint/typescript-estree": {
+      "name": "@typescript-eslint/typescript-estree",
+      "severity": "high",
       "isDirect": false,
       "via": [
-        "@typescript-eslint/utils",
-        "eslint"
+        "minimatch"
       ],
       "effects": [
-        "@typescript-eslint/eslint-plugin"
+        "@typescript-eslint/parser",
+        "@typescript-eslint/type-utils",
+        "@typescript-eslint/utils"
       ],
-      "range": ">=5.9.2-alpha.0",
+      "range": "6.16.0 - 7.5.0",
       "nodes": [
-        "node_modules/@typescript-eslint/type-utils"
+        "node_modules/@typescript-eslint/typescript-estree"
       ],
-      "fixAvailable": false
+      "fixAvailable": true
     },
     "@typescript-eslint/utils": {
       "name": "@typescript-eslint/utils",
-      "severity": "moderate",
+      "severity": "high",
       "isDirect": false,
       "via": [
-        "@eslint-community/eslint-utils",
-        "eslint"
+        "@typescript-eslint/typescript-estree"
       ],
       "effects": [
-        "@typescript-eslint/eslint-plugin",
-        "@typescript-eslint/type-utils"
+        "@typescript-eslint/eslint-plugin"
       ],
-      "range": "*",
+      "range": "6.16.0 - 7.5.0",
       "nodes": [
         "node_modules/@typescript-eslint/utils"
       ],
-      "fixAvailable": false
+      "fixAvailable": true
     },
     "ajv": {
       "name": "ajv",
       "severity": "moderate",
       "isDirect": false,
       "via": [
         {
-          "source": 1113214,
+          "source": 1113428,
           "name": "ajv",
           "dependency": "ajv",
           "title": "ajv has ReDoS when using `$data` option",
           "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
           "severity": "moderate",
           "cwe": [
-            "CWE-400"
+            "CWE-400",
+            "CWE-1333"
           ],
           "cvss": {
             "score": 0,
             "vectorString": null
           },
-          "range": "<8.18.0"
+          "range": "<6.14.0"
         }
       ],
-      "effects": [
-        "@eslint/eslintrc",
-        "eslint"
-      ],
-      "range": "<8.18.0",
+      "effects": [],
+      "range": "<6.14.0",
       "nodes": [
         "node_modules/ajv"
       ],
-      "fixAvailable": false
-    },
-    "eslint": {
-      "name": "eslint",
-      "severity": "moderate",
-      "isDirect": true,
-      "via": [
-        "@eslint-community/eslint-utils",
-        "@eslint/eslintrc",
-        "ajv"
-      ],
-      "effects": [
-        "@eslint-community/eslint-utils",
-        "@typescript-eslint/eslint-plugin",
-        "@typescript-eslint/parser",
-        "@typescript-eslint/type-utils",
-        "@typescript-eslint/utils",
-        "eslint-config-prettier",
-        "eslint-plugin-prettier"
-      ],
-      "range": ">=4.2.0",
-      "nodes": [
-        "node_modules/eslint"
-      ],
-      "fixAvailable": false
+      "fixAvailable": true
     },
-    "eslint-config-prettier": {
-      "name": "eslint-config-prettier",
-      "severity": "moderate",
-      "isDirect": true,
+    "minimatch": {
+      "name": "minimatch",
+      "severity": "high",
+      "isDirect": false,
       "via": [
-        "eslint"
+        {
+          "source": 1113459,
+          "name": "minimatch",
+          "dependency": "minimatch",
+          "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
+          "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
+          "severity": "high",
+          "cwe": [
+            "CWE-1333"
+          ],
+          "cvss": {
+            "score": 0,
+            "vectorString": null
+          },
+          "range": "<3.1.3"
+        },
+        {
+          "source": 1113465,
+          "name": "minimatch",
+          "dependency": "minimatch",
+          "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
+          "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
+          "severity": "high",
+          "cwe": [
+            "CWE-1333"
+          ],
+          "cvss": {
+            "score": 0,
+            "vectorString": null
+          },
+          "range": ">=9.0.0 <9.0.6"
+        }
       ],
       "effects": [
-        "eslint-plugin-prettier"
-      ],
-      "range": ">=7.0.0",
-      "nodes": [
-        "node_modules/eslint-config-prettier"
-      ],
-      "fixAvailable": {
-        "name": "eslint-config-prettier",
-        "version": "6.15.0",
-        "isSemVerMajor": true
-      }
-    },
-    "eslint-plugin-prettier": {
-      "name": "eslint-plugin-prettier",
-      "severity": "moderate",
-      "isDirect": true,
-      "via": [
-        "eslint",
-        "eslint-config-prettier"
+        "@typescript-eslint/typescript-estree"
       ],
-      "effects": [],
-      "range": ">=3.0.0",
+      "range": "<3.1.3 || >=9.0.0 <9.0.6",
       "nodes": [
-        "node_modules/eslint-plugin-prettier"
-      ],
-      "fixAvailable": {
-        "name": "eslint-plugin-prettier",
-        "version": "2.7.0",
-        "isSemVerMajor": true
-      }
+        "node_modules/@eslint/eslintrc/node_modules/minimatch",
+        "node_modules/@humanwhocodes/config-array/node_modules/minimatch",
+        "node_modules/eslint/node_modules/minimatch",
+        "node_modules/glob/node_modules/minimatch",
+        "node_modules/minimatch",
+        "node_modules/test-exclude/node_modules/minimatch"
+      ],
+      "fixAvailable": true
     }
   },
   "metadata": {
     "vulnerabilities": {
       "info": 0,
       "low": 0,
-      "moderate": 10,
-      "high": 0,
+      "moderate": 1,
+      "high": 6,
       "critical": 0,
-      "total": 10
+      "total": 7
     },
     "dependencies": {
       "prod": 7,
diff --git a/dependency-updates.json b/dependency-updates.json
@@ -1,9 +1,9 @@
 {
   "@types/jest": "^30.0.0",
-  "@types/node": "^25.2.3",
-  "@typescript-eslint/eslint-plugin": "^8.56.0",
-  "@typescript-eslint/parser": "^8.56.0",
-  "eslint": "^10.0.0",
+  "@types/node": "^25.3.0",
+  "@typescript-eslint/eslint-plugin": "^8.56.1",
+  "@typescript-eslint/parser": "^8.56.1",
+  "eslint": "^10.0.2",
   "eslint-config-prettier": "^10.1.8",
   "eslint-plugin-prettier": "^5.5.5",
   "jest": "^30.2.0",
diff --git a/dependency-updates.txt b/dependency-updates.txt
@@ -8,10 +8,10 @@ Minor   Backwards-compatible features
 
 Major   Potentially breaking API changes
  @types/jest                       ^29.5.5  →  ^30.0.0
- @types/node                       ^20.5.0  →  ^25.2.3
- @typescript-eslint/eslint-plugin   ^6.4.0  →  ^8.56.0
- @typescript-eslint/parser          ^6.4.0  →  ^8.56.0
- eslint                            ^8.47.0  →  ^10.0.0
+ @types/node                       ^20.5.0  →  ^25.3.0
+ @typescript-eslint/eslint-plugin   ^6.4.0  →  ^8.56.1
+ @typescript-eslint/parser          ^6.4.0  →  ^8.56.1
+ eslint                            ^8.47.0  →  ^10.0.2
  eslint-config-prettier             ^9.0.0  →  ^10.1.8
  jest                              ^29.6.2  →  ^30.2.0
 
