From e5b991818351edd0642dd9326f31b26aad49d2a0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 10 Jul 2026 17:48:56 +0000 Subject: [PATCH 1/2] Initial plan From ebc67ac528a065e45395ec16ca9f61fa913dfeef Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 10 Jul 2026 17:51:04 +0000 Subject: [PATCH 2/2] fix: update js-yaml to 3.15.0 to resolve CVE-2026-53550 DoS vulnerability --- package-lock.json | 6 +++--- package.json | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 12c5d77..1a014d8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6237,9 +6237,9 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "3.14.2", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.2.tgz", - "integrity": "sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==", + "version": "3.15.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.15.0.tgz", + "integrity": "sha512-ttBQIIQPDeLjpPOohtUdXuXUVoA2uIB6fEH9HyJ7234s5mBJ5wTx20njxplLZQgLaOfpmPQA7X2t5AX6tIPbog==", "dev": true, "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index 0839b63..0bd5471 100644 --- a/package.json +++ b/package.json @@ -34,6 +34,7 @@ }, "overrides": { "@opentelemetry/core": "2.8.0", + "js-yaml": "3.15.0", "protobufjs": "8.6.3", "uuid": "11.1.1" },