chore(deps): bump @socketsecurity/lib to 5.18.2

jdalton · jdalton · commit 086addd6be3d · 2026-04-14T19:29:06.000-04:00
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -21,6 +21,7 @@
 - Dependencies: After `package.json` edits, run `pnpm install` to update `pnpm-lock.yaml`
 - Backward Compatibility: 🚨 FORBIDDEN to maintain - actively remove when encountered (see canonical CLAUDE.md)
 - 🚨 **NEVER use `npx`, `pnpm dlx`, or `yarn dlx`** — use `pnpm exec <package>` for devDep binaries, or `pnpm run <script>` for package.json scripts. If a tool is needed, add it as a pinned devDependency first.
+- **minimumReleaseAge**: NEVER add packages to `minimumReleaseAgeExclude` in CI. Locally, ASK before adding — the age threshold is a security control.
 
 ---
 
diff --git a/package.json b/package.json
@@ -65,7 +65,7 @@
     "update": "node scripts/update.mjs"
   },
   "dependencies": {
-    "@socketsecurity/lib": "5.15.0",
+    "@socketsecurity/lib": "5.18.2",
     "form-data": "4.0.5"
   },
   "devDependencies": {
@@ -120,7 +120,7 @@
       "unrs-resolver"
     ],
     "overrides": {
-      "defu": ">=6.1.6",
+      "defu": ">=6.1.7",
       "vite": "7.3.2"
     }
   }
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
