Add overrides and version upgrades for dev dependencies with high severity vulnerabilities #1013

ajivanyandev · 2025-11-26T13:00:41Z

No description provided.

Copilot

Pull request overview

This PR upgrades development dependencies to address high severity vulnerabilities by bumping puppeteer to version 24 and adding an override for cross-spawn through the pre-commit dependency path.

Key changes:

Puppeteer upgraded from v21.11.0 to v24.31.0 (major version bump)
Added override forcing cross-spawn 7.0.6 for pre-commit's dependency
Added .npmrc configuration to skip puppeteer chromium download

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

File	Description
package.json	Updates puppeteer version and adds cross-spawn override for pre-commit
package-lock.json	Reflects transitive dependency updates from puppeteer upgrade and related packages
.npmrc	Adds configuration to skip puppeteer chromium download during installation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

package.json

This reverts commit bca2dd6.

This reverts commit 9452182.

This reverts commit 03471d4.

This reverts commit acda9ed.

fix high severity alerts

72d625e

Copilot AI review requested due to automatic review settings November 26, 2025 13:00

Copilot started reviewing on behalf of ajivanyandev November 26, 2025 13:01 View session

Copilot finished reviewing on behalf of ajivanyandev November 26, 2025 13:01

Copilot AI reviewed Nov 26, 2025

View reviewed changes

package.json Outdated Show resolved Hide resolved

ajivanyandev added 14 commits November 26, 2025 17:12

add ip dep

78e90ec

add overrides, return puppeteer to initial version

7b0fb8d

add ip dep

26c2b4e

add ip to lock

1e660df

delete npmrc

4f6466f

add version ranges

8bb56c8

test pnpm migration

acda9ed

fix pnpm cache

03471d4

fix cache

9452182

fix chace

bca2dd6

Revert "fix chace"

ad1dbec

This reverts commit bca2dd6.

Revert "fix cache"

6dec35f

This reverts commit 9452182.

Revert "fix pnpm cache"

5d63c1e

This reverts commit 03471d4.

Revert "test pnpm migration"

2e2150f

This reverts commit acda9ed.

ajivanyandev self-assigned this Nov 27, 2025

ajivanyandev requested a review from GoodDayForSurf November 27, 2025 10:50

GoodDayForSurf approved these changes Nov 27, 2025

View reviewed changes

ajivanyandev merged commit 0849d92 into master Nov 27, 2025
43 checks passed

ajivanyandev deleted the fix/high-severity-deps branch November 27, 2025 10:58

ajivanyandev restored the fix/high-severity-deps branch November 27, 2025 11:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add overrides and version upgrades for dev dependencies with high severity vulnerabilities #1013

Add overrides and version upgrades for dev dependencies with high severity vulnerabilities #1013

Uh oh!

ajivanyandev commented Nov 26, 2025

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Add overrides and version upgrades for dev dependencies with high severity vulnerabilities #1013

Add overrides and version upgrades for dev dependencies with high severity vulnerabilities #1013

Uh oh!

Conversation

ajivanyandev commented Nov 26, 2025

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants