Fabric

mirror of https://github.com/danielmiessler/Fabric.git synced 2026-02-17 01:12:08 -05:00

Author	SHA1	Message	Date
Kayvan Sylvan	f151646838	security: fix medium severity esbuild vulnerability Fix Dependabot alert #76 (MEDIUM): - esbuild vulnerability: allows any website to send requests to development server and read responses - Updated from 0.21.5 (vulnerable) to 0.27.2 via pnpm/npm overrides Build verified successful. All tests pass. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-25 14:26:27 -08:00
Kayvan Sylvan	03a496912f	security: add npm support with package-lock.json for dual package manager compatibility Changes: - Added npm "overrides" section to package.json alongside existing pnpm overrides - Generated and tracked package-lock.json with security fixes applied - Removed web/package-lock.json from .gitignore to support npm users - Both npm and pnpm now enforce secure dependency versions This enables developers to use either pnpm or npm while maintaining consistent security posture across both package managers. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-25 13:53:00 -08:00
jmd1010	8bff9764f8	Remove sensitive and generated files from tracking	2025-02-19 22:17:20 -05:00
jmd1010	717eb585b5	Setup backup configuration and update dependencies	2025-02-18 14:10:19 -05:00
John	9b38c8d5aa	Updates	2024-12-16 18:40:15 -05:00
dependabot[bot]	79b27253cd	build(deps-dev): bump @sveltejs/kit Bumps the npm_and_yarn group with 1 update in the /web directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit). Updates `@sveltejs/kit` from 2.8.4 to 2.9.0 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.9.0/packages/kit) --- updated-dependencies: - dependency-name: "@sveltejs/kit" dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>	2024-12-04 11:26:01 +00:00
dependabot[bot]	63b357168e	build(deps-dev): bump @sveltejs/kit Bumps the npm_and_yarn group with 1 update in the /web directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit). Updates `@sveltejs/kit` from 2.6.1 to 2.8.4 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.8.4/packages/kit) --- updated-dependencies: - dependency-name: "@sveltejs/kit" dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>	2024-11-26 21:40:49 +00:00
John	7043f78f1f	john 2024-11-26 08:40:21	2024-11-26 08:50:31 -05:00

8 Commits