Dependabot reports 33 vulnerabilities on the default branch: 13 high, 17 moderate, 3 low (https://github.com/androidbroadcast/Featured/security/dependabot). These are pre-existing (not introduced by the v1.0.0 release, which was config/docs only).
Triage and remediate: review each advisory, bump affected dependencies via the version catalog (gradle/libs.versions.toml), and confirm no breaking changes. A scan via OSV (e.g. the maven-mcp vulnerability checker) can enumerate the affected coordinates and fixed-in versions.
Dependabot reports 33 vulnerabilities on the default branch: 13 high, 17 moderate, 3 low (https://github.com/androidbroadcast/Featured/security/dependabot). These are pre-existing (not introduced by the v1.0.0 release, which was config/docs only).
Triage and remediate: review each advisory, bump affected dependencies via the version catalog (
gradle/libs.versions.toml), and confirm no breaking changes. A scan via OSV (e.g. the maven-mcp vulnerability checker) can enumerate the affected coordinates and fixed-in versions.