mirror of
https://github.com/KeygraphHQ/shannon.git
synced 2026-03-31 18:00:40 +02:00
147bc3f5f4
* fix: patch smol-toml and tsdown vulnerabilities Update smol-toml 1.6.0→1.6.1 (DoS via recursive comment parsing) and tsdown 0.21.2→0.21.5 (picomatch ReDoS + method injection). * fix: pin all unpinned dependency versions in Dockerfile Pins subfinder v2.13.0, WhatWeb v0.6.3 (switched from git clone to release tarball), schemathesis 4.13.0, addressable 2.8.9, claude-code 2.1.84, and playwright-cli 0.1.1 for reproducible builds. * fix: pin GitHub Actions to commit SHAs for supply chain security * fix: pin GitHub Actions to commit SHAs in beta and rollback workflows