Skip to content

fix: Security updates and test coverage improvements#7

Merged
jdrhyne merged 1 commit intomainfrom
fix/security-and-coverage-improvements
Jan 13, 2026
Merged

fix: Security updates and test coverage improvements#7
jdrhyne merged 1 commit intomainfrom
fix/security-and-coverage-improvements

Conversation

@jdrhyne
Copy link
Copy Markdown
Contributor

@jdrhyne jdrhyne commented Jan 13, 2026

Summary

This PR addresses security vulnerabilities and updates dependencies to their latest stable versions.

Security Fixes

  • axios: Updated from ^1.10.0 to ^1.13.2 (fixes DoS vulnerability GHSA-4hjh-wcwx-xvwj)
  • form-data: Updated from ^4.0.4 to ^4.0.5
  • npm overrides added for transitive vulnerabilities:

Dependency Updates

All devDependencies updated to latest compatible versions including:

  • TypeScript 5.9.3
  • Jest 30.2.0
  • ESLint 9.39.2
  • And more (see CHANGELOG.md for full list)

Test Coverage

  • Switched to V8 coverage provider for Node.js 25+ compatibility
  • Excluded generated API types from coverage (reduces noise)
  • Overall coverage: 91.97%
  • staged-workflow.ts: 100% coverage

Other Changes

  • Added CHANGELOG.md following Keep a Changelog format

Testing

  • All 279 tests pass
  • npm audit reports 0 vulnerabilities

@jdrhyne
fix: security updates, dependency bumps, and improved test coverage
4928c87 
Security:
- Updated axios from ^1.10.0 to ^1.13.2 (DoS vulnerability fix)
- Updated form-data from ^4.0.4 to ^4.0.5
- Added npm overrides for transitive vulnerabilities:
  - glob ^11.0.4 (command injection fix)
  - js-yaml ^4.1.1 (prototype pollution fix)

DevDependencies updated to latest stable versions.

Test coverage improvements:
- Switched to V8 coverage provider for Node.js 25+ compatibility
- Excluded generated API types from coverage collection
- Overall coverage: 91.97% (staged-workflow.ts: 100%)

Added CHANGELOG.md following Keep a Changelog format.
@jdrhyne jdrhyne mentioned this pull request Jan 13, 2026
Merged
@jdrhyne jdrhyne marked this pull request as ready for review January 13, 2026 06:19
HungKNguyen
HungKNguyen approved these changes Jan 13, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@HungKNguyen HungKNguyen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jdrhyne jdrhyne merged commit f8c1f69 into main Jan 13, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@HungKNguyen HungKNguyen HungKNguyen approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jdrhyne @HungKNguyen