mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-09 08:21:50 +00:00
205ed71ba0
* fix(deps): refresh lockfile to clear 6 npm audit findings Plain `npm audit fix` (no --force, no overrides) — every patched version was already in-range, so a lockfile refresh clears all findings without permanent override pins. Cleared: - tmp 0.2.5 -> 0.2.7 (path traversal, HIGH — GHSA-ph9p-34f9-6g65) - brace-expansion 5.0.5 -> 5.0.6 (DoS — GHSA-jxxr-4gwj-5jf2) - mermaid 11.14.0 -> 11.15.0 (4 advisories: GHSA-6m6c-36f7-fhxh, GHSA-xcj9-5m2h-648r, GHSA-87f9-hvmw-gh4p, GHSA-ghcm-xqfw-q4vr) npm audit: 6 vulnerabilities -> 0. package.json untouched. * fix(nix): bump npmDepsHash for refreshed lockfile Uses the hash fetchNpmDeps (the actual build fetcher) produces, which diverges from prefetch-npm-deps / nix run .#fix-lockfiles output for this lockfile. |
||
|---|---|---|
| .. | ||
| checks.nix | ||
| configMergeScript.nix | ||
| desktop.nix | ||
| devShell.nix | ||
| hermes-agent.nix | ||
| lib.nix | ||
| nixosModules.nix | ||
| overlays.nix | ||
| packages.nix | ||
| python.nix | ||
| tui.nix | ||
| web.nix | ||