Commit a9bf35e
committed
fix: force json5@^2.2.3 via overrides to fix CI 403 block
json5@1.0.2 (transitively pulled by tsconfig-paths) is blocked by GitHub
Actions npm security policy due to prototype pollution CVE. Added npm overrides
to force json5 to >=2.2.3 across the entire dependency tree. Regenerated
lockfile with full clean install (rm -rf node_modules package-lock.json).1 parent 2a38ebe commit a9bf35e
2 files changed
+1206
-128
lines changed
0 commit comments