Skip to content

fix(security): apply dependency audit remediations#16

Open
SafetyMP wants to merge 5 commits into
mainfrom
fix/security-deps
Open

fix(security): apply dependency audit remediations#16
SafetyMP wants to merge 5 commits into
mainfrom
fix/security-deps

Conversation

@SafetyMP

Copy link
Copy Markdown
Owner

Summary

  • Apply npm audit fix for high+ severity issues.
  • Update Go module dependencies where applicable.

Test plan

  • CI passes
  • VulnerabilitiesID Scorecard alert count decreases

Run npm audit fix (high+) and go mod tidy updates to address
OpenSSF Scorecard VulnerabilitiesID rollup findings.
Copilot AI review requested due to automatic review settings July 12, 2026 00:44

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sage Hart added 4 commits July 11, 2026 19:59
The previous google-github-actions/run-gemini-cli@v1 tag does not exist,
so the agent-review workflow failed before running.
Remove the inline comment from the JSON settings block so the review
action can parse its configuration.
run-gemini-cli reads authentication from the gemini_api_key input, not
from a standalone environment variable.
The review workflow should not fail PRs when GEMINI_API_KEY is not
configured or unavailable to the pull_request context.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants