Summary
23 open Dependabot alerts on the default branch (1 high · 18 moderate · 4 low), all npm. They surface on every push as the "GitHub found 23 vulnerabilities" banner. All are transitive/direct npm deps across three lockfiles; 6 version bumps clear 22 of 23 — one low DOMPurify advisory has no upstream patch yet.
Snapshot taken 2026-06-26 via gh api /repos/Abilityai/trinity/dependabot/alerts. Re-run before starting in case Dependabot has opened auto-bump PRs.
Remediation (grouped by lockfile)
src/frontend/package-lock.json — 18 alerts
| Package |
Current |
Bump to |
Clears |
dompurify |
< 3.4.11 |
3.4.11 |
15 alerts (1 HIGH-adjacent XSS-sanitizer staleness; CVE-2026-41238/41239/41240, 0540, 49458/49459/49978, + GHSA cluster) |
vite |
≤ 6.4.2 |
6.4.3 |
CVE-2026-53571 (HIGH — server.fs.deny bypass on Windows alt paths) + CVE-2026-53632 (MEDIUM) |
DOMPurify is the runtime XSS sanitizer behind utils/markdown.js (H-005) — the most security-relevant of the set, even though each individual advisory is rated moderate/low.
GHSA-x4vx-rjvf-j5p4 (dompurify, LOW) has no patched version — cannot be resolved by a bump. Monitor upstream; acceptable to leave open with a note.
package-lock.json (repo root) — 3 alerts
src/mcp-server/package-lock.json — 2 alerts
Notes on severity
- The lone HIGH (
vite CVE-2026-53571) is a dev-server fs.deny bypass — prod serves the frontend as static assets via nginxinc/nginx-unprivileged, so it is not prod-exploitable. Set priority accordingly (filed P2).
vite/esbuild are build-time only; qs/ip-address/@hono/node-server are server-side deps; dompurify is the only runtime browser-facing one.
Acceptance criteria
Ownership
Spans frontend (Korin — DOMPurify/vite) and security (Sazonenka — triage/sign-off) zones; not Agent Server. Filed as triage/tracking — unassigned. Consider letting Dependabot raise the grouped bump PRs and reviewing those rather than hand-editing lockfiles.
Generated from a Dependabot snapshot on 2026-06-26.
Summary
23 open Dependabot alerts on the default branch (1 high · 18 moderate · 4 low), all npm. They surface on every push as the "GitHub found 23 vulnerabilities" banner. All are transitive/direct npm deps across three lockfiles; 6 version bumps clear 22 of 23 — one low DOMPurify advisory has no upstream patch yet.
Snapshot taken 2026-06-26 via
gh api /repos/Abilityai/trinity/dependabot/alerts. Re-run before starting in case Dependabot has opened auto-bump PRs.Remediation (grouped by lockfile)
src/frontend/package-lock.json— 18 alertsdompurifyviteserver.fs.denybypass on Windows alt paths) + CVE-2026-53632 (MEDIUM)package-lock.json(repo root) — 3 alerts@hono/node-serverip-addressqssrc/mcp-server/package-lock.json— 2 alertsqsesbuildNotes on severity
viteCVE-2026-53571) is a dev-serverfs.denybypass — prod serves the frontend as static assets vianginxinc/nginx-unprivileged, so it is not prod-exploitable. Set priority accordingly (filed P2).vite/esbuildare build-time only;qs/ip-address/@hono/node-serverare server-side deps;dompurifyis the only runtime browser-facing one.Acceptance criteria
src/frontend, root, andsrc/mcp-serverlockfiles bumped per the tables above (npm audit fix/ targetednpm install <pkg>@<ver>+ lockfile refresh)npm auditclean in all three manifests except the unpatchedGHSA-x4vx-rjvf-j5p4(documented exception)frontend-e2e.yml) green after the DOMPurify/vite bumps (markdown render + dev-server start are the at-risk surfaces)Ownership
Spans frontend (Korin — DOMPurify/vite) and security (Sazonenka — triage/sign-off) zones; not Agent Server. Filed as triage/tracking — unassigned. Consider letting Dependabot raise the grouped bump PRs and reviewing those rather than hand-editing lockfiles.
Generated from a Dependabot snapshot on 2026-06-26.