Skip to content

Apply non-breaking npm audit fix lockfile updates#2382

Merged
rzhao271 merged 1 commit into
mainfrom
copilot/run-npm-audit-fix-again
Jun 30, 2026
Merged

Apply non-breaking npm audit fix lockfile updates#2382
rzhao271 merged 1 commit into
mainfrom
copilot/run-npm-audit-fix-again

Conversation

Copilot AI commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

This PR addresses the audit-fix request by applying all non-breaking updates available via npm audit fix only. It intentionally avoids --force and avoids introducing/altering overrides.

  • Scope

    • Executed npm audit fix with default behavior.
    • Restricted changes to dependency resolution data in package-lock.json.
  • Dependency updates

    • Refreshed transitive package resolutions that npm can safely remediate without major-version jumps.
    • Left package.json dependency declarations unchanged.
  • Explicit non-goals

    • Did not apply breaking upgrades required by npm audit fix --force (notably in the gulp/chokidar chain).
    • Did not add or modify overrides.

Example (command used for this change):

npm audit fix

Copilot AI changed the title Run npm audit fix without force flags Apply non-breaking npm audit fix lockfile updates Jun 30, 2026
Copilot AI requested a review from rzhao271 June 30, 2026 18:14
@rzhao271 rzhao271 added this to the 1.128.0 milestone Jun 30, 2026
@rzhao271 rzhao271 marked this pull request as ready for review June 30, 2026 18:19
@rzhao271 rzhao271 enabled auto-merge (squash) June 30, 2026 18:20
@rzhao271 rzhao271 closed this Jun 30, 2026
auto-merge was automatically disabled June 30, 2026 19:59

Pull request was closed

@rzhao271 rzhao271 reopened this Jun 30, 2026
@rzhao271 rzhao271 merged commit 32ccce5 into main Jun 30, 2026
17 checks passed
@rzhao271 rzhao271 deleted the copilot/run-npm-audit-fix-again branch June 30, 2026 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants