chore(release): Update version to v1.4.393

2026-04-24 03:00:15 -04:00 · 2026-01-25 22:04:02 +00:00
parent 7e2656bfa5
commit f87f6b5d95
6 changed files with 111 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,22 @@
 # Changelog

+## v1.4.393 (2026-01-25)
+
+### PR [#1969](https://github.com/danielmiessler/Fabric/pull/1969) by [ksylvan](https://github.com/ksylvan): Critical and High Impact NPM dependabot issues fixed
+
+- Security: fix critical and high priority npm vulnerabilities including form-data upgrade to 4.0.5, glob upgrade to ≥10.5.0, and qs upgrade to 6.14.1
+- Security: fix critical ollama authentication vulnerability by updating from v0.13.5 to v0.15.1 to prevent unauthorized model management operations
+- Security: add npm support with package-lock.json for dual package manager compatibility, enabling both npm and pnpm users to maintain consistent security posture
+
+### Direct commits
+
+- Chore: remove deprecated wisdom extraction patterns from pattern libraries
+
+- Remove extract_wisdom_short from pattern descriptions catalog
+- Drop extract_wisdomjm pattern extract definition
+
+- Delete extract_wisdom_short extract template block
+
 ## v1.4.392 (2026-01-25)

 ### PR [#1968](https://github.com/danielmiessler/Fabric/pull/1968) by [ksylvan](https://github.com/ksylvan): New `extract_all_quotes` and move misplaced patterns
--- a/cmd/fabric/version.go
+++ b/cmd/fabric/version.go
@@ -1,3 +1,3 @@
 package main

-var version = "v1.4.392"
+var version = "v1.4.393"
--- a/cmd/generate_changelog/changelog.db
+++ b/cmd/generate_changelog/changelog.db
--- a/cmd/generate_changelog/incoming/1969.txt
+++ b/cmd/generate_changelog/incoming/1969.txt
@@ -1,5 +0,0 @@
-### PR [#1969](https://github.com/danielmiessler/Fabric/pull/1969) by [ksylvan](https://github.com/ksylvan): Critical and High Impact NPM dependabot issues fixed
-
- Security: fix critical and high priority npm vulnerabilities including form-data upgrade to 4.0.5, glob upgrade to ≥10.5.0, and qs upgrade to 6.14.1
- Security: fix critical ollama authentication vulnerability by updating from v0.13.5 to v0.15.1 to prevent unauthorized model management operations
- Security: add npm support with package-lock.json for dual package manager compatibility, enabling both npm and pnpm users to maintain consistent security posture
--- a/nix/pkgs/fabric/gomod2nix.toml
+++ b/nix/pkgs/fabric/gomod2nix.toml
@@ -31,12 +31,18 @@ schema = 3
  [mod."github.com/ProtonMail/go-crypto"]
    version = "v1.3.0"
    hash = "sha256-TUG+C4MyeWglOmiwiW2/NUVurFHXLgEPRd3X9uQ1NGI="
+  [mod."github.com/agnivade/levenshtein"]
+    version = "v1.1.1"
+    hash = "sha256-tgv2s8XIcWjscv1pP87TOIUV4vADT2px1Lo/MQCTBjM="
  [mod."github.com/andybalholm/cascadia"]
    version = "v1.3.3"
    hash = "sha256-jv7ZshpSd7FZzKKN6hqlUgiR8C3y85zNIS/hq7g76Ho="
  [mod."github.com/anthropics/anthropic-sdk-go"]
    version = "v1.19.0"
    hash = "sha256-ubYeau5XL0tx4c/79L58rzJGOdOWs9z6WQOtN6mpgxw="
+  [mod."github.com/apache/arrow/go/arrow"]
+    version = "v0.0.0-20211112161151-bc219186db40"
+    hash = "sha256-hcVrZsJuiRIDx13QDKCxUtZgmze6iFkwyjDvQxkzcR8="
  [mod."github.com/araddon/dateparse"]
    version = "v0.0.0-20210429162001-6b43995a97de"
    hash = "sha256-UuX84naeRGMsFOgIgRoBHG5sNy1CzBkWPKmd6VbLwFw="
@@ -94,6 +100,12 @@ schema = 3
  [mod."github.com/aws/smithy-go"]
    version = "v1.24.0"
    hash = "sha256-ZPFhf2Yv3BQpUn3cN4wSnoO7uBki8oCisZxL6F09nnE="
+  [mod."github.com/bahlo/generic-list-go"]
+    version = "v0.2.0"
+    hash = "sha256-BIzqwG61hnMDknZOn/5+VX09yemzFzMjhPF48XoALto="
+  [mod."github.com/buger/jsonparser"]
+    version = "v1.1.1"
+    hash = "sha256-T6dXT6Vzpm8gvQYi+c2LZkV+8ZOp0ZXBX7+e1mlliZE="
  [mod."github.com/bytedance/gopkg"]
    version = "v0.1.3"
    hash = "sha256-GyUbPfn41y/mgj0cQOa4tm+aj70C2K50VBZxZc/tcZE="
@@ -103,6 +115,12 @@ schema = 3
  [mod."github.com/bytedance/sonic/loader"]
    version = "v0.4.0"
    hash = "sha256-Hc2bB9nLEFhyipIVHKnJmi6WMoWPCe0REK3bmQThO4A="
+  [mod."github.com/chewxy/hm"]
+    version = "v1.0.0"
+    hash = "sha256-JxcBIvNVb7L9sA+dh2mzylpco+840cyJ8YlRgcPjmDg="
+  [mod."github.com/chewxy/math32"]
+    version = "v1.11.0"
+    hash = "sha256-725Ku2oPLG7VWqpt5aBzsu5Byk5SNHLFG1JwUsx9gh8="
  [mod."github.com/cloudflare/circl"]
    version = "v1.6.1"
    hash = "sha256-Dc69V12eIFnJoUNmwg6VKXHfAMijbAeEVSDe8AiOaLo="
@@ -112,21 +130,36 @@ schema = 3
  [mod."github.com/coder/websocket"]
    version = "v1.8.13"
    hash = "sha256-NbF0aPhy8YR3jRM6LMMQTtkeGTFba0eIBPAUsqI9KOk="
+  [mod."github.com/containerd/console"]
+    version = "v1.0.3"
+    hash = "sha256-4p4u/rS7G4KKbIcZaVMqE1OtSoNlOpmcYFwO0ZEH/V0="
  [mod."github.com/cyphar/filepath-securejoin"]
    version = "v0.4.1"
    hash = "sha256-NOV6MfbkcQbfhNmfADQw2SJmZ6q1nw0wwg8Pm2tf2DM="
+  [mod."github.com/d4l3k/go-bfloat16"]
+    version = "v0.0.0-20211005043715-690c3bdd05f1"
+    hash = "sha256-fmcENqbxuBH1/QQRCQ56FGLIR8mJDJjtf4rRktvzUK8="
  [mod."github.com/davecgh/go-spew"]
    version = "v1.1.2-0.20180830191138-d8f796af33cc"
    hash = "sha256-fV9oI51xjHdOmEx6+dlq7Ku2Ag+m/bmbzPo6A4Y74qc="
+  [mod."github.com/dlclark/regexp2"]
+    version = "v1.11.4"
+    hash = "sha256-1uCoCYCKyP8QZddlYfJCTWmcrKlEFNCsxWwMde9MspE="
  [mod."github.com/emirpasic/gods"]
    version = "v1.18.1"
    hash = "sha256-hGDKddjLj+5dn2woHtXKUdd49/3xdsqnhx7VEdCu1m4="
+  [mod."github.com/emirpasic/gods/v2"]
+    version = "v2.0.0-alpha"
+    hash = "sha256-xRzGfHnzBR8S0TTJz/3gapl+aSj/E8RPwVIGltPuEuI="
  [mod."github.com/felixge/httpsnoop"]
    version = "v1.0.4"
    hash = "sha256-c1JKoRSndwwOyOxq9ddCe+8qn7mG9uRq2o/822x5O/c="
  [mod."github.com/gabriel-vasile/mimetype"]
    version = "v1.4.12"
    hash = "sha256-vY2g58yUrkT//8fttRKhS9rbg89YSae/BzOARS5uH30="
+  [mod."github.com/gin-contrib/cors"]
+    version = "v1.7.2"
+    hash = "sha256-rsr5CIPTtV/65WUesCpzMj7zpgnp01uTeosRkrCCEyA="
  [mod."github.com/gin-contrib/sse"]
    version = "v1.1.0"
    hash = "sha256-2VP6zHEsPi0u2ZYpOTcLulwj1Gsmb6oA19qcP2/AzVM="
@@ -199,12 +232,21 @@ schema = 3
  [mod."github.com/goccy/go-yaml"]
    version = "v1.19.1"
    hash = "sha256-zlT9y4wkvyv7RBv48jdJqOM2lrDMLrC6Z6hCl90c5hQ="
+  [mod."github.com/gogo/protobuf"]
+    version = "v1.3.2"
+    hash = "sha256-pogILFrrk+cAtb0ulqn9+gRZJ7sGnnLLdtqITvxvG6c="
  [mod."github.com/gogs/chardet"]
    version = "v0.0.0-20211120154057-b7413eaefb8f"
    hash = "sha256-4MeqBJsh4U+ZEbfdDwdciTYMlQWkCil2KJbUxHjBSIo="
  [mod."github.com/golang/groupcache"]
    version = "v0.0.0-20241129210726-2c02b8208cf8"
    hash = "sha256-AdLZ3dJLe/yduoNvZiXugZxNfmwJjNQyQGsIdzYzH74="
+  [mod."github.com/golang/protobuf"]
+    version = "v1.5.4"
+    hash = "sha256-N3+Lv9lEZjrdOWdQhFj6Y3Iap4rVLEQeI8/eFFyAMZ0="
+  [mod."github.com/google/flatbuffers"]
+    version = "v24.3.25+incompatible"
+    hash = "sha256-b96yDt5Agzf8/VYrueYjuwvHE7cD8J1H/gVavQH+BRI="
  [mod."github.com/google/go-cmp"]
    version = "v0.7.0"
    hash = "sha256-JbxZFBFGCh/Rj5XZ1vG94V2x7c18L8XKB0N9ZD5F2rM="
@@ -259,9 +301,15 @@ schema = 3
  [mod."github.com/leodido/go-urn"]
    version = "v1.4.0"
    hash = "sha256-Q6kplWkY37Tzy6GOme3Wut40jFK4Izun+ij/BJvcEu0="
+  [mod."github.com/mailru/easyjson"]
+    version = "v0.7.7"
+    hash = "sha256-NVCz8MURpxgOjHXqxOZExqV4bnpHggpeAOyZDArjcy4="
  [mod."github.com/mattn/go-isatty"]
    version = "v0.0.20"
    hash = "sha256-qhw9hWtU5wnyFyuMbKx+7RB8ckQaFQ8D+8GKPkN3HHQ="
+  [mod."github.com/mattn/go-runewidth"]
+    version = "v0.0.14"
+    hash = "sha256-O3QdxqAcJgQ+HL1v8oBA4iKBwJ2AlDN+F464027hWMU="
  [mod."github.com/mattn/go-sqlite3"]
    version = "v1.14.32"
    hash = "sha256-su0SoXnt5pE78t5VXFXQoH2dtP0ohWdyj3TNSZQyWE0="
@@ -274,9 +322,15 @@ schema = 3
  [mod."github.com/nicksnyder/go-i18n/v2"]
    version = "v2.6.0"
    hash = "sha256-UrSECFbpCIg5avJ+f3LkJy/ncZFHa4q8sDqDIQ3YZJM="
+  [mod."github.com/nlpodyssey/gopickle"]
+    version = "v0.3.0"
+    hash = "sha256-djE/birMxBZzMzlaIvjO9kqR1OG5GEhfB6dReaZHH1U="
+  [mod."github.com/olekukonko/tablewriter"]
+    version = "v0.0.5"
+    hash = "sha256-/5i70IkH/qSW5KjGzv8aQNKh9tHoz98tqtL0K2DMFn4="
  [mod."github.com/ollama/ollama"]
-    version = "v0.13.5"
-    hash = "sha256-gr8dMdGfyXhEgO22MOmtIZEXlBrOsEecOhi/AmU5D+0="
+    version = "v0.15.1"
+    hash = "sha256-F6nmdMtADI6DH270vVRzWIj908+wg+FXv7mCUi0l3gc="
  [mod."github.com/openai/openai-go"]
    version = "v1.12.0"
    hash = "sha256-JHLlKvDwERPf728GUXBsKU58ODgCxcxEe9TKJTGAG1w="
@@ -286,6 +340,9 @@ schema = 3
  [mod."github.com/otiai10/mint"]
    version = "v1.6.3"
    hash = "sha256-/FT3dYP2+UiW/qe1pxQ7HiS8et4+KHGPIMhc+8mHvzw="
+  [mod."github.com/pdevine/tensor"]
+    version = "v0.0.0-20240510204454-f88f4562727c"
+    hash = "sha256-h+n0NKCrnHn0UHx6GQGZcF4MeUD5dMKMsIwlVY6Em0A="
  [mod."github.com/pelletier/go-toml/v2"]
    version = "v2.2.4"
    hash = "sha256-8qQIPldbsS5RO8v/FW/se3ZsAyvLzexiivzJCbGRg2Q="
@@ -304,6 +361,9 @@ schema = 3
  [mod."github.com/quic-go/quic-go"]
    version = "v0.57.1"
    hash = "sha256-MdXc0GRVp3YuN9XFoGFOjgIcIMp7yoLqwfEikZp1i4w="
+  [mod."github.com/rivo/uniseg"]
+    version = "v0.2.0"
+    hash = "sha256-GLj0jiGrT03Ept4V6FXCN1yeZ/b6PpS3MEXK6rYQ8Eg="
  [mod."github.com/samber/lo"]
    version = "v1.52.0"
    hash = "sha256-xgMsPJv3rydHH10NZU8wz/DhK2VbbR8ymivOg1ChTp0="
@@ -352,9 +412,18 @@ schema = 3
  [mod."github.com/ugorji/go/codec"]
    version = "v1.3.1"
    hash = "sha256-VQtXVaKxXjm5Q60hCgVKZxNywl6SJFPqju6JNjADp4w="
+  [mod."github.com/wk8/go-ordered-map/v2"]
+    version = "v2.1.8"
+    hash = "sha256-v7/5+7lAypZfgClXgWxhxtA1skQq9o+1yrI+V0o1j2o="
+  [mod."github.com/x448/float16"]
+    version = "v0.8.4"
+    hash = "sha256-VKzMTMS9pIB/cwe17xPftCSK9Mf4Y6EuBEJlB4by5mE="
  [mod."github.com/xanzy/ssh-agent"]
    version = "v0.3.3"
    hash = "sha256-l3pGB6IdzcPA/HLk93sSN6NM2pKPy+bVOoacR5RC2+c="
+  [mod."github.com/xtgo/set"]
+    version = "v1.0.0"
+    hash = "sha256-HDVvuKL+311OnVI1nycKKIlMhANkoCdBAsfRg1xZEpE="
  [mod."go.opentelemetry.io/auto/sdk"]
    version = "v1.2.1"
    hash = "sha256-73bFYhnxNf4SfeQ52ebnwOWywdQbqc9lWawCcSgofvE="
@@ -379,6 +448,9 @@ schema = 3
  [mod."go.yaml.in/yaml/v3"]
    version = "v3.0.4"
    hash = "sha256-NkGFiDPoCxbr3LFsI6OCygjjkY0rdmg5ggvVVwpyDQ4="
+  [mod."go4.org/unsafe/assume-no-moving-gc"]
+    version = "v0.0.0-20231121144256-b99613f794b6"
+    hash = "sha256-p0bcawoazS5r49P8Ru0anJ5crNB0+3xGtzZNpCAe3gI="
  [mod."golang.org/x/arch"]
    version = "v0.23.0"
    hash = "sha256-ynvhsw8ZYgKTzFn1wnIj3/p+1O/Ty5PX1Lnj+NMTAQQ="
@@ -388,6 +460,9 @@ schema = 3
  [mod."golang.org/x/exp"]
    version = "v0.0.0-20250531010427-b6e5de432a8b"
    hash = "sha256-QaFfjyB+pogCkUkJskR9xnXwkCOU828XJRrzwwLm6Ms="
+  [mod."golang.org/x/image"]
+    version = "v0.25.0"
+    hash = "sha256-7SUSCTo4cPremIDCBOm+YEg5pIk4lgdu68puWabM+NQ="
  [mod."golang.org/x/mod"]
    version = "v0.31.0"
    hash = "sha256-ZVNmaZADgM3+30q9rW8q4gP6ySkT7r1eb4vrHIlpCjM="
@@ -403,6 +478,9 @@ schema = 3
  [mod."golang.org/x/sys"]
    version = "v0.39.0"
    hash = "sha256-dxTBu/JAWUkPbjFIXXRFdhQWyn+YyEpIC+tWqGo0Y6U="
+  [mod."golang.org/x/term"]
+    version = "v0.38.0"
+    hash = "sha256-46mX91XGJqii6SUESiU5mLVJDBOfKYCp+408m91hrMw="
  [mod."golang.org/x/text"]
    version = "v0.32.0"
    hash = "sha256-9PXtWBKKY9rG4AgjSP4N+I1DhepXhy8SF/vWSIDIoWs="
@@ -412,6 +490,12 @@ schema = 3
  [mod."golang.org/x/tools"]
    version = "v0.40.0"
    hash = "sha256-ksmhTnH9btXKiRbbE0KGh02nbeNqNBQKcfwvx9dE7t0="
+  [mod."golang.org/x/xerrors"]
+    version = "v0.0.0-20200804184101-5ec99f83aff1"
+    hash = "sha256-62f++IO8Ia32CYy+xX8XDxCcT9r1sbPvVwoKV99gf7U="
+  [mod."gonum.org/v1/gonum"]
+    version = "v0.16.0"
+    hash = "sha256-25kwrdIdR6J75uQfqFZwW9cef0ehRodqTDdpnqBNy+c="
  [mod."google.golang.org/api"]
    version = "v0.258.0"
    hash = "sha256-hxwJz4Vzh87Bc49QCndKrO+34wfzF1ORGMeF5kmk22Q="
@@ -433,3 +517,9 @@ schema = 3
  [mod."gopkg.in/yaml.v3"]
    version = "v3.0.1"
    hash = "sha256-FqL9TKYJ0XkNwJFnq9j0VvJ5ZUU1RvH/52h/f5bkYAU="
+  [mod."gorgonia.org/vecf32"]
+    version = "v0.9.0"
+    hash = "sha256-13MdvvueCQK6tIMjjeTtvdlqsl718P/BMgnFwhobB0I="
+  [mod."gorgonia.org/vecf64"]
+    version = "v0.9.0"
+    hash = "sha256-C9Z1n9ldsAev5Rp8so+f1ntkPtfVK/NTPYn+2TWFJYc="
--- a/nix/pkgs/fabric/version.nix
+++ b/nix/pkgs/fabric/version.nix
@@ -1 +1 @@
-"1.4.392"
+"1.4.393"