Skip to content

fix: resolve vulnerable dependencies#56

Open
MDCYT wants to merge 2 commits into
mainfrom
security/fix-vulnerabilities
Open

fix: resolve vulnerable dependencies#56
MDCYT wants to merge 2 commits into
mainfrom
security/fix-vulnerabilities

Conversation

@MDCYT

@MDCYT MDCYT commented Jun 6, 2026

Copy link
Copy Markdown
Owner

Summary of changes:

  • Updated express from 4.18.2 to 4.21.2
  • Updated axios from 1.6.7 to 1.7.7
  • Updated cheerio from 1.0.0-rc.12 to 1.0.0
  • Updated undici to 8.3.0 (latest secure version)
  • Updated playwright to 1.48.2 (latest secure version)
  • Added ws 8.17.1 (latest secure version)
  • Removed node-fetch dependency (replaced with native fetch API for Node 18+ compatibility)

These updates resolve several security vulnerabilities and ensure the repository is using more secure and up-to-date dependencies.

@MDCYT
fix: resolve vulnerable dependencies
0ae9285 
- Updated express from 4.18.2 to 4.21.2
- Updated axios from 1.6.7 to 1.7.7
- Updated cheerio from 1.0.0-rc.12 to 1.0.0
- Updated undici to 8.3.0 (latest secure version)
- Updated playwright to 1.48.2 (latest secure version)
- Added ws 8.17.1 (latest secure version)
- Removed node-fetch dependency (replaced with native fetch API for Node 18+)

These updates resolve known security vulnerabilities and improve overall package security.
@deepsource-io

deepsource-io Bot commented Jun 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

DeepSource Code Review

We reviewed changes in e038918...bddae91 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
JavaScript Jun 6, 2026 4:51p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MDCYT