From a6f0949bf09096e64e07ad899880b87478c867b7 Mon Sep 17 00:00:00 2001 From: Brian O'Kelley Date: Thu, 8 Jan 2026 06:04:27 -0800 Subject: [PATCH 1/2] fix: update dependencies to address security vulnerabilities MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates @adcp/client, @modelcontextprotocol/sdk, @workos-inc/node, and qs to latest versions with security patches. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- package-lock.json | 56 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 08d3cd09ea..30f75a3b85 100644 --- a/package-lock.json +++ b/package-lock.json @@ -88,9 +88,9 @@ } }, "node_modules/@adcp/client": { - "version": "3.5.2", - "resolved": "https://registry.npmjs.org/@adcp/client/-/client-3.5.2.tgz", - "integrity": "sha512-xuK78l29o0wY5mR5MdBrqWPGYtQX+f/xf2ja+e0jXcrnIETyHRW4RLKO6DnAOFooxEGIPxhNpOGeqiO/18p1eg==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/@adcp/client/-/client-3.6.0.tgz", + "integrity": "sha512-TBgWT1wtTBTLLBx/D0VOzHCmi8DIPGscvrpA5OZwJAr6H532rHPhMpIiBevbYyw8r389KLEAs+GIErjZu4oM+w==", "license": "MIT", "dependencies": { "better-sqlite3": "^12.4.1", @@ -1564,6 +1564,18 @@ "integrity": "sha512-aGTxbpbg8/b5JfU1HXSrbH3wXZuLPJcNEcZQFMxLs3oSzgtVu6nFPkbbGGUvBcUjKV2YyB9Wxxabo+HEH9tcRQ==", "license": "MIT" }, + "node_modules/@hono/node-server": { + "version": "1.19.7", + "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.7.tgz", + "integrity": "sha512-vUcD0uauS7EU2caukW8z5lJKtoGMokxNbJtBiwHgpqxEXokaHCBkQUmCHhjFB1VUTWdqj25QoMkMKzgjq+uhrw==", + "license": "MIT", + "engines": { + "node": ">=18.14.1" + }, + "peerDependencies": { + "hono": "^4" + } + }, "node_modules/@img/sharp-darwin-arm64": { "version": "0.33.5", "resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.33.5.tgz", @@ -4380,11 +4392,12 @@ } }, "node_modules/@modelcontextprotocol/sdk": { - "version": "1.24.3", - "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.24.3.tgz", - "integrity": "sha512-YgSHW29fuzKKAHTGe9zjNoo+yF8KaQPzDC2W9Pv41E7/57IfY+AMGJ/aDFlgTLcVVELoggKE4syABCE75u3NCw==", + "version": "1.25.2", + "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.25.2.tgz", + "integrity": "sha512-LZFeo4F9M5qOhC/Uc1aQSrBHxMrvxett+9KLHt7OhcExtoiRN9DKgbZffMP/nxjutWDQpfMDfP3nkHI4X9ijww==", "license": "MIT", "dependencies": { + "@hono/node-server": "^1.19.7", "ajv": "^8.17.1", "ajv-formats": "^3.0.1", "content-type": "^1.0.5", @@ -4395,6 +4408,7 @@ "express": "^5.0.1", "express-rate-limit": "^7.5.0", "jose": "^6.1.1", + "json-schema-typed": "^8.0.2", "pkce-challenge": "^5.0.0", "raw-body": "^3.0.0", "zod": "^3.25 || ^4.0", @@ -8311,15 +8325,15 @@ } }, "node_modules/@workos-inc/node": { - "version": "7.77.0", - "resolved": "https://registry.npmjs.org/@workos-inc/node/-/node-7.77.0.tgz", - "integrity": "sha512-6LGBAqih8kkzhHqmxueT9/xX93AJQxQhKekyNs0mqgWsrnqOPDiag1WIFzgxbQTvr564MqtEW502Tatfp1+x0Q==", + "version": "7.79.3", + "resolved": "https://registry.npmjs.org/@workos-inc/node/-/node-7.79.3.tgz", + "integrity": "sha512-gqkq8LB6mwZqkzvC0ciIN6pJNxtFf76ztZoVFi3wMwn+lyzfW9M8n6jm1sk5NN0PhQGF2K1+oYs4JIlATP4Tzw==", "license": "MIT", "dependencies": { "iron-session": "~6.3.1", "jose": "~5.6.3", "leb": "^1.0.0", - "qs": "6.14.0" + "qs": "6.14.1" }, "engines": { "node": ">=16" @@ -13261,6 +13275,16 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/hono": { + "version": "4.11.3", + "resolved": "https://registry.npmjs.org/hono/-/hono-4.11.3.tgz", + "integrity": "sha512-PmQi306+M/ct/m5s66Hrg+adPnkD5jiO6IjA7WhWw0gSBSo1EcRegwuI1deZ+wd5pzCGynCcn2DprnE4/yEV4w==", + "license": "MIT", + "peer": true, + "engines": { + "node": ">=16.9.0" + } + }, "node_modules/html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", @@ -15610,6 +15634,12 @@ "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", "license": "MIT" }, + "node_modules/json-schema-typed": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz", + "integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==", + "license": "BSD-2-Clause" + }, "node_modules/json5": { "version": "2.2.3", "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", @@ -19094,9 +19124,9 @@ } }, "node_modules/qs": { - "version": "6.14.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz", - "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==", + "version": "6.14.1", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz", + "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==", "license": "BSD-3-Clause", "dependencies": { "side-channel": "^1.1.0" From 22ff174faef4d82432fd83800223bad9b703f68a Mon Sep 17 00:00:00 2001 From: Brian O'Kelley Date: Thu, 8 Jan 2026 06:06:25 -0800 Subject: [PATCH 2/2] chore: add empty changeset MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .changeset/fix-slack-auth-security.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .changeset/fix-slack-auth-security.md diff --git a/.changeset/fix-slack-auth-security.md b/.changeset/fix-slack-auth-security.md new file mode 100644 index 0000000000..dd0727322d --- /dev/null +++ b/.changeset/fix-slack-auth-security.md @@ -0,0 +1,4 @@ +--- +--- + +Update dependencies to address security vulnerabilities.