@codyswann/lisa 2.16.2 → 2.16.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/package.json +1 -1
  2. package/plugins/lisa/.claude-plugin/plugin.json +1 -1
  3. package/plugins/lisa-cdk/.claude-plugin/plugin.json +1 -1
  4. package/plugins/lisa-expo/.claude-plugin/plugin.json +1 -1
  5. package/plugins/lisa-nestjs/.claude-plugin/plugin.json +1 -1
  6. package/plugins/lisa-rails/.claude-plugin/plugin.json +1 -1
  7. package/plugins/lisa-typescript/.claude-plugin/plugin.json +1 -1
  8. package/typescript/copy-overwrite/audit.ignore.config.json +2 -2
package/package.json CHANGED
@@ -79,7 +79,7 @@
79
79
  "lodash": ">=4.18.1"
80
80
  },
81
81
  "name": "@codyswann/lisa",
82
- "version": "2.16.2",
82
+ "version": "2.16.3",
83
83
  "description": "Claude Code governance framework that applies guardrails, guidance, and automated enforcement to projects",
84
84
  "main": "dist/index.js",
85
85
  "exports": {
package/plugins/lisa/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "Universal governance — agents, skills, commands, hooks, and rules for all projects",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/plugins/lisa-cdk/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa-cdk",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "AWS CDK-specific plugin",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/plugins/lisa-expo/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa-expo",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "Expo/React Native-specific skills, agents, rules, and MCP servers",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/plugins/lisa-nestjs/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa-nestjs",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "NestJS-specific skills (GraphQL, TypeORM) and hooks (migration write-protection)",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/plugins/lisa-rails/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa-rails",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "Ruby on Rails-specific hooks — RuboCop linting/formatting and ast-grep scanning on edit",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/plugins/lisa-typescript/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lisa-typescript",
3
- "version": "2.16.2",
3
+ "version": "2.16.3",
4
4
  "description": "TypeScript-specific hooks — Prettier formatting, ESLint linting, and ast-grep scanning on edit",
5
5
  "author": {
6
6
  "name": "Cody Swann"
package/typescript/copy-overwrite/audit.ignore.config.json CHANGED
@@ -141,12 +141,12 @@
141
141
  {
142
142
  "id": "GHSA-v39h-62p7-jpjc",
143
143
  "package": "fast-uri",
144
- "reason": "Host confusion via percent-encoded authority delimiters in fast-uri parser. Transitive devDep via eslint > @eslint/eslintrc > ajv > fast-uri (also via commitlint, lisa); no production code path passes attacker-controlled URIs through ajv schema validation that relies on fast-uri parsing."
144
+ "reason": "Host confusion via percent-encoded authority delimiters in fast-uri parser. Reachable transitively via eslint > @eslint/eslintrc > ajv > fast-uri and (in CDK projects) via aws-cdk-lib's bundled JSON Schema validator. aws-cdk-lib is invoked only at build/synth/deploy time — its ajv usage validates CloudFormation/CDK schemas authored by the developer, not attacker-controlled URIs. No runtime/production code path passes attacker-controlled URIs through ajv schema validation that relies on fast-uri parsing."
145
145
  },
146
146
  {
147
147
  "id": "GHSA-q3j6-qgpj-74h6",
148
148
  "package": "fast-uri",
149
- "reason": "Path traversal via percent-encoded dot segments in fast-uri parser. Transitive devDep via eslint > @eslint/eslintrc > ajv > fast-uri (also via commitlint, lisa); no production code path passes attacker-controlled URIs through ajv schema validation that relies on fast-uri parsing."
149
+ "reason": "Path traversal via percent-encoded dot segments in fast-uri parser. Reachable transitively via eslint > @eslint/eslintrc > ajv > fast-uri and (in CDK projects) via aws-cdk-lib's bundled JSON Schema validator. aws-cdk-lib is invoked only at build/synth/deploy time — its ajv usage validates CloudFormation/CDK schemas authored by the developer, not attacker-controlled URIs. No runtime/production code path passes attacker-controlled URIs through ajv schema validation that relies on fast-uri parsing."
150
150
  }
151
151
  ]
152
152
  }