Commit 3071eac
fix(deps): resolve moderate npm audit findings (hono, ip-address, express-rate-limit)
Resolved via `npm audit fix` (in-range patch upgrades only):
- hono 4.12.14 -> 4.12.18 (GHSA-9vqf-7f2p-gf9v bodyLimit bypass; GHSA-69xw-7hcm-h432 JSX HTML injection); via @modelcontextprotocol/sdk -> @hono/node-server / hono.
- ip-address 10.1.0 -> 10.2.0 (GHSA-v2v4-37r5-5v8g XSS in Address6 HTML methods); via @modelcontextprotocol/sdk -> express-rate-limit.
- express-rate-limit 8.3.1 -> 8.5.1 (transitively pulled patched ip-address).
`npm audit --audit-level=moderate` now exits 0. Build (`npm run build`) succeeds; test suite has 9 pre-existing failures unrelated to this change (CI runs build only, not tests).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent d62157a commit 3071eac
1 file changed
Lines changed: 10 additions & 10 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments