You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Remediation: Updated brace-expansion from 5.0.5 → 5.0.6
Updated Dependencies
Production Dependencies
Package
Previous
Updated
Type
ajv
8.18.0
8.20.0
patch
commander
12.0.0
12.1.0
minor
Development Dependencies
Package
Previous
Updated
Type
@babel/preset-env
7.29.0
7.29.5
patch
@commitlint/cli
20.4.1
20.5.3
patch
@commitlint/config-conventional
20.4.1
20.5.3
patch
@eslint/compat
2.0.5
2.1.0
minor
@types/node
25.6.0
25.9.1
patch
@typescript-eslint/eslint-plugin
8.58.2
8.59.4
patch
@typescript-eslint/parser
8.58.2
8.59.4
patch
babel-jest
30.2.0
30.4.1
patch
esbuild
0.25.0
0.25.12
patch
eslint
10.2.1
10.4.0
patch
globals
17.5.0
17.6.0
patch
jest
30.2.0
30.4.2
patch
ts-jest
29.4.9
29.4.11
patch
typescript
5.0.0
5.9.3
minor
typescript-eslint
8.58.2
8.59.4
patch
Verification
Build passes: npm run build
Lint passes: npm run lint (warnings are pre-existing)
No breaking changes detected
Security vulnerability resolved
Notes
Test suite has 2 environmental failures unrelated to dependency updates (IP address resolution and filesystem permission issues present before updates)
All lint warnings are pre-existing and not introduced by these updates
Updates follow semantic versioning and are backward-compatible
Generated by Dependency Security Monitor Workflow
Run ID: 26354452329
Timestamp: 2026-05-24T06:53:20.773Z
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.json
package.json
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
# Download the patch from the workflow run
gh run download 26354452329 -n agent -D /tmp/agent-26354452329
# Create a new branch
git checkout -b deps/safe-updates-2026-05-24-21081fbf3a8493a9 main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-26354452329/aw-deps-safe-updates-2026-05-24.patch
# Push the branch and create the pull request
git push origin deps/safe-updates-2026-05-24-21081fbf3a8493a9
gh pr create --title '[Deps] Safe dependency updates (2026-05-24)' --base main --head deps/safe-updates-2026-05-24-21081fbf3a8493a9 --repo github/gh-aw-firewall
Automated Safe Dependency Updates
This PR contains safe patch-level dependency updates that have been verified to:
Security Fixes
Remediation: Updated
brace-expansionfrom 5.0.5 → 5.0.6Updated Dependencies
Production Dependencies
Development Dependencies
@babel/preset-env@commitlint/cli@commitlint/config-conventional@eslint/compat@types/node@typescript-eslint/eslint-plugin@typescript-eslint/parserVerification
npm run buildnpm run lint(warnings are pre-existing)Notes
Generated by Dependency Security Monitor Workflow
Run ID: 26354452329
Timestamp: 2026-05-24T06:53:20.773Z
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.jsonpackage.jsonCreate the pull request manually