From 0ca847a234af318b511f739526fde069c30abc02 Mon Sep 17 00:00:00 2001
From: Krystof Stekovic
Date: Tue, 7 Apr 2026 16:58:15 +0200
Subject: [PATCH 1/2] fix npm vulnerabilities by adding overrides for mocha transitive deps

Add overrides for diff (^8.0.3) and serialize-javascript (^7.0.5) to resolve all remaining npm audit vulnerabilities in mocha's dependency tree.

Co-Authored-By: Claude Opus 4.6 (1M context)
---
 package.json | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/package.json b/package.json
index 49d145a8e..f3b68b4da 100644
--- a/package.json
+++ b/package.json
@@ -57,5 +57,11 @@
 "cypress": "15.11.0",
 "portscanner": "^2.2.0",
 "testcontainers": "^11.7.1"
+ },
+ "overrides": {
+ "mocha": {
+ "diff": "^8.0.3",
+ "serialize-javascript": "^7.0.5"
+ }
 }
 }
From 4ce5d0b5c4691397146872124620bb0cab4ded60 Mon Sep 17 00:00:00 2001
From: Krystof Stekovic
Date: Wed, 8 Apr 2026 09:04:50 +0200
Subject: [PATCH 2/2] pin axios to exact safe version 1.13.6

Pin axios to exact version 1.13.6 to prevent automatic installation of potentially compromised versions via semver range resolution.

Co-Authored-By: Claude Opus 4.6 (1M context)
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f3b68b4da..a07cd0403 100644
--- a/package.json
+++ b/package.json
@@ -53,7 +53,7 @@
 "typescript-eslint": "^8.46.1"
 },
 "dependencies": {
- "axios": "^1.12.2",
+ "axios": "1.13.6",
 "cypress": "15.11.0",
 "portscanner": "^2.2.0",
 "testcontainers": "^11.7.1"
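Review bot: In patch 1/2, the two entries under `overrides.mocha` use caret ranges (`^8.0.3`, `^7.0.5`), so a fresh resolve can still float to any later 8.x or 7.x release, which is the same range-resolution exposure patch 2/2 gives as its reason for pinning axios exactly. If a known-good version is the goal, write them exact: `"diff": "8.0.3"` and `"serialize-javascript": "7.0.5"`. An override also bypasses the ranges mocha itself declares, so if these are newer majors than mocha asks for (not visible here), the test run, including any parallel-mode and diff-output paths, should be checked against the overridden tree before merging. The diffstat of this patch and of patch 2/2 lists only package.json; if the repository commits a package-lock.json it should be regenerated in the same commit, otherwise `npm ci` may reject the mismatch or keep installing the old locked versions. The top-level object and the `dependencies` object both open outside this hunk.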
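Review bot: In patch 2/2, the exact pin `"axios": "1.13.6"` constrains only the direct dependency; any copy of axios pulled in by another package (none is visible in this hunk, so this is conditional) would still resolve by that package's own range. Adding `"axios": "$axios"` to the `overrides` block introduced in patch 1/2 would force the whole tree to the pinned version. The commit message calls 1.13.6 "safe" without naming the advisory or incident behind it; a reference there would let a later maintainer judge when the pin can be lifted, since an exact pin also stops patch-level security fixes from arriving on their own. The `dependencies` object closes outside the hunk.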