fix: Security updates #115
Merged
StepSecurity Actions Security / StepSecurity Required Checks
succeeded
Feb 2, 2026 in 2s
StepSecurity Required Checks
Finished StepSecurity Required Checks
- Pwn Request Vulnerabilities Check - Checks for Pwn Request vulnerabilities in the PR via risky triggers
- Script Injection Check - Checks for script injection vulnerabilities in the PR
- NPM Compromised Packages Check - Checks for compromised npm package versions in the PR
- NPM Package Cooldown Check - Fails if any package version in the PR was released within the configured cooldown period, helping to avoid brand-new (and potentially unreviewed or malicious) releases
Details
✅ Pwn Request Vulnerabilities Check
No Pwn Request vulnerabilities found in this PR.
✅ Script Injection Vulnerabilities Check
No Script Injection vulnerabilities found in this PR.
✅ NPM Compromised Packages Check
No Compromised npm packages are added in current PR.
✅ NPM Package Cooldown Check
No npm package upgrades to recent releases found in current PR.
The following npm packages are inspected in current PR
| Package Name | Previous Version | Current Version | file | Current Version Release Date |
|---|---|---|---|---|
| @eslint-community/eslint-utils | 4.4.0 | 4.9.1 | package-lock.json | 2025-12-31T14:49:52Z |
| eslint | 8.46.0 | 9.39.2 | package-lock.json | 2025-12-12T22:44:54Z |
| @eslint/js | 8.46.0 | 9.39.2 | package-lock.json | 2025-12-12T22:25:29Z |
| @eslint/eslintrc | 2.1.1 | 3.3.3 | package-lock.json | 2025-11-28T15:45:49Z |
| @eslint/plugin-kit | 0.4.1 | package-lock.json | 2025-10-29T14:21:48Z | |
| @eslint/config-helpers | 0.4.2 | package-lock.json | 2025-10-29T14:21:41Z | |
| @eslint/core | 0.17.0 | package-lock.json | 2025-10-29T14:21:34Z | |
| @eslint-community/regexpp | 4.6.2 | 4.12.2 | package-lock.json | 2025-10-22T11:56:00Z |
| @eslint/config-array | 0.21.1 | package-lock.json | 2025-10-17T17:58:16Z | |
| @eslint/object-schema | 2.1.7 | package-lock.json | 2025-10-17T17:58:12Z | |
| @humanfs/node | 0.16.7 | package-lock.json | 2025-09-03T15:14:05Z | |
| eslint-scope | 7.2.2 | 8.4.0 | package-lock.json | 2025-06-09T15:46:11Z |
| espree | 9.6.1 | 10.4.0 | package-lock.json | 2025-06-09T15:46:03Z |
| eslint-visitor-keys | 3.4.2 | 4.2.1 | package-lock.json | 2025-06-09T15:45:52Z |
| acorn | 8.12.1 | 8.15.0 | package-lock.json | 2025-06-08T16:23:04Z |
| @types/estree | 1.0.8 | package-lock.json | 2025-06-06T00:04:34Z | |
| @humanwhocodes/retry | 0.4.3 | package-lock.json | 2025-05-07T14:25:57Z | |
| flatted | 3.2.7 | 3.3.3 | package-lock.json | 2025-02-18T08:55:07Z |
| import-fresh | 3.3.0 | 3.3.1 | package-lock.json | 2025-02-02T09:45:41Z |
| @humanfs/core | 0.19.1 | package-lock.json | 2024-10-28T13:55:50Z | |
| ignore | 5.2.4 | 5.3.2 | package-lock.json | 2024-08-12T08:51:00Z |
| flat-cache | 3.0.4 | 4.0.1 | package-lock.json | 2024-03-02T16:09:41Z |
| globals | 13.20.0 | 14.0.0 | package-lock.json | 2024-02-10T15:40:47Z |
| file-entry-cache | 6.0.1 | 8.0.0 | package-lock.json | 2023-12-18T19:33:58Z |
| @types/json-schema | 7.0.15 | package-lock.json | 2023-11-07T08:49:23Z | |
| punycode | 2.3.0 | 2.3.1 | package-lock.json | 2023-10-30T18:28:32Z |
| keyv | 4.5.4 | package-lock.json | 2023-10-07T16:53:54Z | |
| json-buffer | 3.0.1 | package-lock.json | 2018-09-10T19:02:16Z |
⏲️ History
Previous invocation results of same check:
✅ Script Injection Vulnerabilities Check
No Script Injection vulnerabilities found in this PR.
✅ Pwn Request Vulnerabilities Check
No Pwn Request vulnerabilities found in this PR.
✅ NPM Compromised Packages Check
No Compromised npm packages are added in current PR.
✅ NPM Package Cooldown Check
No npm package upgrades to recent releases found in current PR.
The following npm packages are inspected in current PR
| Package Name | Previous Version | Current Version | file | Current Version Release Date |
|---|---|---|---|---|
| @eslint-community/eslint-utils | 4.4.0 | 4.9.1 | package-lock.json | 2025-12-31T14:49:52Z |
| eslint | 8.46.0 | 9.39.2 | package-lock.json | 2025-12-12T22:44:54Z |
| @eslint/js | 8.46.0 | 9.39.2 | package-lock.json | 2025-12-12T22:25:29Z |
| @eslint/eslintrc | 2.1.1 | 3.3.3 | package-lock.json | 2025-11-28T15:45:49Z |
| @eslint/plugin-kit | 0.4.1 | package-lock.json | 2025-10-29T14:21:48Z | |
| @eslint/config-helpers | 0.4.2 | package-lock.json | 2025-10-29T14:21:41Z | |
| @eslint/core | 0.17.0 | package-lock.json | 2025-10-29T14:21:34Z | |
| @eslint-community/regexpp | 4.6.2 | 4.12.2 | package-lock.json | 2025-10-22T11:56:00Z |
| @eslint/config-array | 0.21.1 | package-lock.json | 2025-10-17T17:58:16Z | |
| @eslint/object-schema | 2.1.7 | package-lock.json | 2025-10-17T17:58:12Z | |
| @humanfs/node | 0.16.7 | package-lock.json | 2025-09-03T15:14:05Z | |
| eslint-scope | 7.2.2 | 8.4.0 | package-lock.json | 2025-06-09T15:46:11Z |
| espree | 9.6.1 | 10.4.0 | package-lock.json | 2025-06-09T15:46:03Z |
| eslint-visitor-keys | 3.4.2 | 4.2.1 | package-lock.json | 2025-06-09T15:45:52Z |
| acorn | 8.12.1 | 8.15.0 | package-lock.json | 2025-06-08T16:23:04Z |
| @types/estree | 1.0.8 | package-lock.json | 2025-06-06T00:04:34Z | |
| @humanwhocodes/retry | 0.4.3 | package-lock.json | 2025-05-07T14:25:57Z | |
| flatted | 3.2.7 | 3.3.3 | package-lock.json | 2025-02-18T08:55:07Z |
| import-fresh | 3.3.0 | 3.3.1 | package-lock.json | 2025-02-02T09:45:41Z |
| @humanfs/core | 0.19.1 | package-lock.json | 2024-10-28T13:55:50Z | |
| ignore | 5.2.4 | 5.3.2 | package-lock.json | 2024-08-12T08:51:00Z |
| flat-cache | 3.0.4 | 4.0.1 | package-lock.json | 2024-03-02T16:09:41Z |
| globals | 13.20.0 | 14.0.0 | package-lock.json | 2024-02-10T15:40:47Z |
| file-entry-cache | 6.0.1 | 8.0.0 | package-lock.json | 2023-12-18T19:33:58Z |
| @types/json-schema | 7.0.15 | package-lock.json | 2023-11-07T08:49:23Z | |
| punycode | 2.3.0 | 2.3.1 | package-lock.json | 2023-10-30T18:28:32Z |
| keyv | 4.5.4 | package-lock.json | 2023-10-07T16:53:54Z | |
| json-buffer | 3.0.1 | package-lock.json | 2018-09-10T19:02:16Z |
⏲️ History
Previous invocation results of same check:
Loading