Fix vulnerable dependencies and update CLAUDE.md

- Update pdfminer.six minimum version to 20251230 (fixes GHSA-f83h-ghpp-7wcc)
- Add filelock>=3.20.3 constraint (fixes GHSA-w853-jp5j-5j7f, GHSA-qmgc-5h2g-mvrw)
- Add pre-commit checklist to CLAUDE.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: ESultanik

CLAUDE.md

@@ -89,6 +89,20 @@ pytest tests/test_corkami.py  # Polyglot corpus
 pip-audit
 ```
 
+### Pre-Commit Checklist
+Run all checks before committing changes:
+```bash
+# Lint
+flake8 polyfile polymerge --max-complexity=10 --max-line-length=127 \
+    --exclude=polyfile/kaitai/parsers
+
+# Security audit (checks for vulnerable dependencies)
+pip-audit
+
+# Tests
+pytest tests
+```
+
 ## Code Navigation
 
 ### Finding Matchers

setup.py

@@ -28,12 +28,13 @@
         "chardet>=5.0.0",
         "cint>=1.0.0",
         "fickling>=0.0.8",
+        "filelock>=3.20.3",
         "graphviz>=0.20.1",
         "intervaltree>=2.4.0",
         "jinja2>=2.1.0",
         "kaitaistruct~=0.10",
         "networkx>=2.6.3",
-        "pdfminer.six>=20251107",
+        "pdfminer.six>=20251230",
         "Pillow>=5.0.0",
         "pyreadline3;platform_system=='Windows'",
         "pyyaml>=3.13",