@codyswann/lisa 1.23.0 → 1.23.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/typescript/copy-contents/.husky/pre-push +1 -0
  3. package/typescript/copy-overwrite/.github/workflows/quality.yml +6 -1
package/package.json CHANGED
@@ -88,7 +88,7 @@
88
88
  "@isaacs/brace-expansion": "^5.0.1"
89
89
  },
90
90
  "name": "@codyswann/lisa",
91
- "version": "1.23.0",
91
+ "version": "1.23.1",
92
92
  "description": "Claude Code governance framework that applies guardrails, guidance, and automated enforcement to projects",
93
93
  "main": "dist/index.js",
94
94
  "bin": {
package/typescript/copy-contents/.husky/pre-push CHANGED
@@ -82,6 +82,7 @@ elif [ "$PACKAGE_MANAGER" = "bun" ]; then
82
82
 
83
83
  # Excluding GHSA-37qj-frw5-hhjh: fast-xml-parser RangeError DoS with numeric entities
84
84
  # Transitive dependency via @react-native-community/cli (Android/iOS build tooling)
85
+ # Parent packages pin ^4.4.1; fix requires major version 5.x (incompatible)
85
86
  # Risk: None - CLI build tool, not a production runtime dependency
86
87
  if ! bun audit --audit-level=high --ignore GHSA-5j98-mcp5-4vw2 --ignore GHSA-8qq5-rm4j-mr97 --ignore GHSA-37qj-frw5-hhjh; then
87
88
  echo "⚠️ Security audit failed. Please fix high/critical vulnerabilities before pushing."
package/typescript/copy-overwrite/.github/workflows/quality.yml CHANGED
@@ -1009,7 +1009,12 @@ jobs:
1009
1009
  # Excluding GHSA-8qq5-rm4j-mr97: node-tar path sanitization vulnerability
1010
1010
  # Nested dependency in @expo/cli - bun resolves to patched version but audit still flags it
1011
1011
  # Risk: Low - only affects tar extraction with malicious filenames, not our use case
1012
- if ! bun audit --audit-level=high --ignore GHSA-5j98-mcp5-4vw2 --ignore GHSA-8qq5-rm4j-mr97; then
1012
+
1013
+ # Excluding GHSA-37qj-frw5-hhjh: fast-xml-parser RangeError DoS with numeric entities
1014
+ # Transitive dependency via @react-native-community/cli (Android/iOS build tooling)
1015
+ # Parent packages pin ^4.4.1; fix requires major version 5.x (incompatible)
1016
+ # Risk: None - CLI build tool, not a production runtime dependency
1017
+ if ! bun audit --audit-level=high --ignore GHSA-5j98-mcp5-4vw2 --ignore GHSA-8qq5-rm4j-mr97 --ignore GHSA-37qj-frw5-hhjh; then
1013
1018
  echo "::warning::Found high or critical vulnerabilities"
1014
1019
  exit 1
1015
1020
  fi