
chore(security): close 13 dependabot alerts (Jun-17 triage wave)#1323

Open

anandray wants to merge 1 commit into develop from chore/dependabot-vuln-sweep-jun17

Conversation

@anandray (Contributor)

Summary

Closes 13 of 20 open Dependabot alerts on this repo. Three new `pnpm.overrides` entries + five floor bumps on existing ones; lockfile regenerated; smoke-tested.

The remaining 7 alerts are not addressable in this PR — see Out of scope below.

Alerts closed (13)

| Alert | Sev | Package | Fix |
|---|---|---|---|
| #184 | high | `ws` | bump existing `>=8.20.1` → `>=8.21.0` |
| #188 | high | `form-data` | add `>=4.0.6 <5` |
| #190, #189 | high, medium | `protobufjs` | bump existing `>=7.5.5` → `>=7.6.3` |
| #194, #195, #196, #198, #199, #200 | mixed | `dompurify` (6 advisories) | bump existing `>=3.4.0 <3.5.0` → `>=3.4.9 <3.5.0` |
| #186 | medium | `js-yaml` | bump existing `>=4.1.1` → `>=4.2.0` |
| #187 | medium | `tar` | add `>=7.5.16 <8` |
| #201 | medium | `markdown-it` | bump existing `>=14.1.1` → `>=14.2.0` |
| #185 | low | `@babel/core` | add `>=7.29.6 <8` |

Note on dompurify upper bound

Existing override was `>=3.4.0 <3.5.0`. Keeping the narrow `<3.5.0` upper bound (rather than widening to `<4` as the saas companion does) preserves the prior pin's intent. dompurify resolves to `3.4.11` post-regen — comfortably above the `3.4.9` floor and within the narrow window.

Out of scope

| Alert(s) | Sev | Package | Reason |
|---|---|---|---|
| #202, #203 | high | `nltk` (pip) | `patched=—`, no upstream patch published yet |
| #191, #192, #193 | high | `cryptography` (pip) | Python dep; needs a separate update to `requirements.txt` / `pyproject.toml`, not addressable via `pnpm.overrides` |
| #197 | low | `dompurify` (GHSA-x4vx-rjvf-j5p4) | `patched=—`, no upstream patch |

Verification

Lockfile regenerated. Smoke-tested each fixed package:

dompurify     → 3.4.11    ✓
form-data     → 4.0.6     ✓
js-yaml       → 4.2.0     ✓
markdown-it   → 14.2.0    ✓
tar           → 7.5.16    ✓
protobufjs    → 7.6.4     ✓
ws            → 8.21.0    ✓
@babel/core   → 7.29.7    ✓

Companion PR on saas

rocketride-ai/rocketride-saas#265 covers the same 8 npm packages on the saas side.

Test plan

Three new overrides and five floor bumps close 13 of 20 open
Dependabot alerts on rocketride-org/rocketride-server. The remaining
7 alerts (3 cryptography HIGH + 2 nltk HIGH, all pip; plus dompurify
GHSA-x4vx-rjvf-j5p4 LOW + one other unpatched) are tracked separately.

  HIGH      #184  ws            < 8.21.0          → bump >=8.20.1 → >=8.21.0
  HIGH      #188  form-data     >= 4.0.0, < 4.0.6 →  >=4.0.6 <5  (new)
  HIGH      #190  protobufjs    <= 7.6.0          → bump >=7.5.5 → >=7.6.3
  MEDIUM    #189  protobufjs    <= 7.6.2          → (same fix as #190)
  MEDIUM    #186  js-yaml       <= 4.1.1          → bump >=4.1.1 → >=4.2.0
  MEDIUM    #187  tar           <= 7.5.15         →  >=7.5.16 <8 (new)
  MEDIUM    #201  markdown-it   <= 14.1.1         → bump >=14.1.1 → >=14.2.0
  MEDIUM    #194  dompurify     <= 3.4.5          → bump >=3.4.0 → >=3.4.9 (preserve <3.5.0)
  MEDIUM    #195  dompurify     <= 3.4.5          → (same fix)
  MEDIUM    #196  dompurify     < 3.4.7           → (same fix)
  MEDIUM    #198  dompurify     <= 3.4.6          → (same fix)
  LOW       #185  @babel/core   <= 7.29.0         →  >=7.29.6 <8 (new)
  LOW       #199  dompurify     >= 3.0.0, <= 3.4.7 → (same dompurify fix)
  LOW       #200  dompurify     < 3.4.9           → (same dompurify fix)

dompurify upper bound kept at `<3.5.0` to preserve the existing
narrow-major pin that was in the prior override.

Companion PR on rocketride-ai/rocketride-saas#265 covers the same
8 npm packages on the saas side.

Out of scope for this PR (no fix via pnpm.overrides):

  HIGH      #202, #203  nltk           pip, patched=— (no upstream patch)
  HIGH      #191, #192, #193  cryptography  pip, patched=48.0.1
                                       (needs Python deps update)
  LOW       #197  dompurify (GHSA-x4vx-rjvf-j5p4)  patched=—
                                       (no upstream patch)
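An added check, not code from the PR or the project: a small Node script that takes the override ranges and the Dependabot vulnerable ranges from the tables above and verifies that each new floor sits outside every vulnerable range it is meant to close, and that the version the lockfile resolved to actually honours the override. The range parser is a deliberately minimal one written for this example (it understands only the `>=`, `<=`, `>`, `<`, `=` comparators seen on this page), not the `semver` package.

```javascript
// Added example (not code from the PR): check that a pnpm override floor lies
// outside every vulnerable range of the alerts it closes, and that the version
// the lockfile resolved to satisfies the override. Plain Node, no dependencies.
// Compare dotted numeric versions; missing components count as 0.
function cmp(a, b) {
  const x = a.split('.').map(Number);
  const y = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if ((x[i] || 0) !== (y[i] || 0)) return (x[i] || 0) < (y[i] || 0) ? -1 : 1;
  }
  return 0;
}
// Normalise Dependabot's ">= 4.0.0, < 4.0.6" and pnpm's ">=4.0.6 <5" into
// one comparator list; every comparator in a range must hold.
function comparators(range) {
  return range.replace(/,/g, ' ').replace(/(>=|<=|>|<|=)\s+/g, '$1')
    .split(/\s+/).filter(Boolean);
}
function satisfies(version, range) {
  return comparators(range).every((c) => {
    const m = /^(>=|<=|>|<|=)?(\d+(?:\.\d+){0,2})$/.exec(c);
    if (!m) throw new Error(`unsupported comparator: ${c}`);
    const d = cmp(version, m[2]);
    return { '>=': d >= 0, '<=': d <= 0, '>': d > 0, '<': d < 0, '=': d === 0 }[m[1] || '='];
  });
}
// The floor is the ">=X" comparator; every override in this PR has one.
function floorOf(override) {
  const c = comparators(override).find((x) => x.startsWith('>='));
  if (!c) throw new Error(`override has no >= floor: ${override}`);
  return c.slice(2);
}
// Empty result: the floor escapes every vulnerable range and the lockfile honours it.
function auditOverride({ pkg, override, vulnerable, resolved }) {
  const floor = floorOf(override);
  const problems = vulnerable.filter((vr) => satisfies(floor, vr))
    .map((vr) => `${pkg}: floor ${floor} still inside vulnerable range "${vr}"`);
  if (!satisfies(resolved, override)) problems.push(`${pkg}: resolved ${resolved} violates "${override}"`);
  return problems;
}
// Ranges copied from the PR tables; '>=3.4.0' is the pre-PR floor, kept for contrast.
const dompurifyAlerts = ['<= 3.4.5', '< 3.4.7', '<= 3.4.6', '>= 3.0.0, <= 3.4.7', '< 3.4.9'];
const newFloor = auditOverride({ pkg: 'dompurify', override: '>=3.4.9 <3.5.0', vulnerable: dompurifyAlerts, resolved: '3.4.11' });
const oldFloor = auditOverride({ pkg: 'dompurify', override: '>=3.4.0 <3.5.0', vulnerable: dompurifyAlerts, resolved: '3.4.11' });
console.log(newFloor.length === 0 ? 'dompurify override OK' : newFloor.join('\n'));
console.log(`pre-PR floor would have left ${oldFloor.length} of ${dompurifyAlerts.length} alerts open`);
```

Running it against the other rows of the table is a matter of adding one `auditOverride` call per package with its vulnerable ranges from the commit-message listing.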
@coderabbitai (Bot, Contributor) commented Jun 18, 2026

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (5)
  • [bot]
  • renovate
  • dependabot
  • release
  • chore(release)

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: dddaf11a-0b84-46f3-85bd-d21c80683b27

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@github-actions

🤖 Internal: Discord sync marker

Auto-managed by the Discord notification workflow. Stores the linked Discord message ID. Do not edit or delete.
