Commit 7b3a4fb
authored
chore(deps): bump undici, http-proxy-middleware, webpack-dev-server, js-yaml (#958)
## Summary
Lockfile-only bumps of vulnerable transitive deps to patched versions,
all within existing semver ranges:
- `undici` 7.27.2 → 7.28.0 (high + medium + low)
- `http-proxy-middleware` 2.0.9 → 2.0.10 (medium)
- `webpack-dev-server` 5.2.4 → 5.2.5 (medium)
- `js-yaml` 3.14.2 → 3.15.0 (medium) — the `gray-matter` v3 line, now
patchable in-range (previously a holdout)
All dev/docs tooling except `undici`, which is in the runtime tree via
`proxy-agent`.
🤖 Generated with [Claude Code](https://claude.com/claude-code)1 parent 4fa9b66 commit 7b3a4fb
1 file changed
Lines changed: 334 additions & 334 deletions
0 commit comments