Skip to content

Refresh npm dependencies and resolve remaining audit finding#3087

Merged
pethers merged 5 commits into
mainfrom
copilot/update-dependencies-fix-security
Jun 30, 2026
Merged

Refresh npm dependencies and resolve remaining audit finding#3087
pethers merged 5 commits into
mainfrom
copilot/update-dependencies-fix-security

Conversation

Copilot AI commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

This change updates the project’s npm dependency set and removes the remaining security advisory surfaced by the audit workflow. The focus is on keeping the dependency tree current while applying the smallest safe override needed to address a transitive vulnerability.

  • Updated the direct dependency set to the latest compatible patch release available for the current toolchain, including a Vite refresh.
  • Added a targeted npm override to pin brace-expansion to a secure release so the remaining transitive advisory is resolved without broad package churn.
  • Refreshed the lockfile so installs and CI use the updated dependency graph consistently.

Copilot AI and others added 4 commits June 30, 2026 10:59
Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
@github-actions github-actions Bot added documentation Documentation updates size-xs Extra small change (< 10 lines) labels Jun 30, 2026
@github-actions

Copy link
Copy Markdown
Contributor

🏷️ Automatic Labeling Summary

This PR has been automatically labeled based on the files changed and PR metadata.

Applied Labels: documentation,size-xs

Label Categories

  • 🗳️ Content: news, dashboard, visualization, intelligence
  • 💻 Technology: html-css, javascript, workflow, security
  • 📊 Data: cia-data, riksdag-data, data-pipeline, schema
  • 🌍 I18n: i18n, translation, rtl
  • 🔒 ISMS: isms, iso-27001, nist-csf, cis-controls
  • 🏗️ Infrastructure: ci-cd, deployment, performance, monitoring
  • 🔄 Quality: testing, accessibility, documentation, refactor
  • 🤖 AI: agent, skill, agentic-workflow

For more information, see .github/labeler.yml.

@github-actions

Copy link
Copy Markdown
Contributor

🔍 Lighthouse Performance Audit

Category Score Status
Performance 85/100 🟡
Accessibility 95/100 🟢
Best Practices 90/100 🟢
SEO 95/100 🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

@github-actions

Copy link
Copy Markdown
Contributor

🔍 Lighthouse Performance Audit

Category Score Status
Performance 85/100 🟡
Accessibility 95/100 🟢
Best Practices 90/100 🟢
SEO 95/100 🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

@pethers pethers marked this pull request as ready for review June 30, 2026 11:38
Copilot AI review requested due to automatic review settings June 30, 2026 11:38
@pethers pethers merged commit 7a18134 into main Jun 30, 2026
19 checks passed
@pethers pethers deleted the copilot/update-dependencies-fix-security branch June 30, 2026 11:38

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review this pull request because it exceeds the maximum number of files (300). Try reducing the number of changed files and requesting a review from Copilot again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Documentation updates size-xs Extra small change (< 10 lines)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants