fix: sync lockfile axios specifier and remove redundant flatted override

github-actions[bot] · claude · github-actions[bot] · commit a7ad7d201847 · 2026-05-19T08:31:51.000Z
The package-lock.json root spec for axios was stale (^1.13.6) while
package.json already specified ^1.16.0. This mismatch could cause
security scanners to flag the dependency as vulnerable. Regenerated
the lockfile to sync the spec. Also removed the flatted override
since flat-cache@3.0.4 already resolves to 3.4.2 without it.

Resolves: GRAL-5985

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,10 @@ For public Changelog covering all changes done to Pipedrive’s API, webhooks an
 
 ## [Unreleased]
 
+### Security
+- Synced `package-lock.json` to match `package.json` `axios` specifier (`^1.16.0`), fixing stale lockfile metadata that referenced `^1.13.6`
+- Removed redundant `flatted` override — parent `flat-cache@3.0.4` (`^3.1.0`) already resolves to `3.4.2`
+
 ## [33.0.1] - 2026-05-13
 
 ### Fixed
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -88,8 +88,7 @@
     "typescript-eslint": "^8.56.1"
   },
   "overrides": {
-    "serialize-javascript": "^7.0.4",
-    "flatted": "^3.4.0"
+    "serialize-javascript": "^7.0.4"
   },
   "lint-staged": {
     "*.{ts,js}": [
