fix(docs-website): upgrade Docusaurus to 3.10.0 and patch serialize-javascript by Copilot · Pull Request #66 · aflock-ai/aflock

Copilot · 2026-04-09T13:51:31Z

Multiple high-severity npm vulnerabilities in docs-website due to stale Docusaurus and a vulnerable transitive serialize-javascript dependency.

Changes

Docusaurus 3.7.0 → 3.10.0 — upgrades @docusaurus/core, @docusaurus/preset-classic, @docusaurus/module-type-aliases, @docusaurus/types, resolving webpack-dev-server and bundler-related CVEs
serialize-javascript override → ^7.0.5 — forces the transitive dep (pinned at 6.0.2 inside @docusaurus/bundler) to a safe version, fixing:
- GHSA-5c6j-r48x-rmvq — RCE via RegExp.flags / Date.prototype.toISOString()
- GHSA-qj8w-gfj5-8c6v — CPU exhaustion DoS via crafted array-like objects

"overrides": {
  "serialize-javascript": "^7.0.5"
}

npm audit now reports 0 vulnerabilities (down from 25).

…o 7.0.5 to fix security vulnerabilities Agent-Logs-Url: https://github.com/aflock-ai/aflock/sessions/2a4b8cb9-e140-47b7-9d5e-04f829857df5 Co-authored-by: manzil-infinity180 <119070053+manzil-infinity180@users.noreply.github.com>

Copilot AI assigned Copilot and manzil-infinity180 Apr 9, 2026

Copilot created this pull request from a session on behalf of manzil-infinity180 April 9, 2026 13:51 View session

manzil-infinity180 marked this pull request as ready for review April 9, 2026 13:51

Copilot AI had a problem deploying to preview April 9, 2026 13:51 Failure