chore(deps): bump crate-ci/typos from 1.46.2 to 1.46.3 in the actions group (#29)

dependabot[bot] · mastermanas805 · claude · web-flow · commit 1bbb9f5ce1fb · 2026-05-29T10:50:12.000+05:30
* chore(deps): bump crate-ci/typos in the actions group Bumps the actions group with 1 update: [crate-ci/typos](https://github.com/crate-ci/typos). Updates `crate-ci/typos` from 1.46.2 to 1.46.3 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](crate-ci/typos@v1.46.2...v1.46.3) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-version: 1.46.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): pin qs to ^6.15.2 via npm overrides to fix GHSA-q8mj-m7cp-5q26 scan / osv-scan flagged qs@6.15.0 (transitive via body-parser/express) as vulnerable to GHSA-q8mj-m7cp-5q26 (CVSS 6.3, medium). Fixed in 6.15.2. Added a top-level npm overrides entry so the transitive resolves to a patched version without touching the express/body-parser declared ranges. Lockfile regenerated; the single node_modules/qs node now resolves to 6.15.2 (verified). Local gate green: npm ci, npm run build, npm test (248/248 pass, coverage 99.81% lines / 95.03% branches). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Manas Srivastava <mastermanas805@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/.github/workflows/typos.yml b/.github/workflows/typos.yml
@@ -15,5 +15,5 @@ jobs:
     timeout-minutes: 3
     steps:
       - uses: actions/checkout@v6
-      - uses: crate-ci/typos@v1.46.2
+      - uses: crate-ci/typos@v1.46.3
         continue-on-error: true  # warn-only — surface findings without blocking CI
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -61,5 +61,8 @@
   "engines": {
     "node": ">=18"
   },
-  "mcpName": "io.github.InstaNode-dev/mcp"
+  "mcpName": "io.github.InstaNode-dev/mcp",
+  "overrides": {
+    "qs": "^6.15.2"
+  }
 }
