
fix: resolve critical and high security vulnerabilities#11848

Merged
RomneyDa merged 4 commits into main from critical-vulnerabilities
Mar 26, 2026

Conversation


@RomneyDa RomneyDa commented Mar 25, 2026

Summary

Addresses ~351 of ~394 npm audit vulnerabilities reported by GitHub (612 on default branch), focusing on critical and high severity issues.

Vulnerability reduction by package

Package                   | Before                   | After           | Eliminated
root                      | 4 (2M, 2H)               | 0               | 4
binary/                   | 84 (20L, 13M, 29H, 22C)  | 10 (8L, 1M, 1H) | 74
core/                     | 46 (5L, 9M, 27H, 5C)     | 8 (8L)          | 38
gui/                      | 26 (1L, 17M, 8H)         | 10 (10M)        | 16
extensions/vscode/        | 40 (6L, 13M, 18H, 3C)    | 7 (6L, 1M)      | 33
extensions/cli/           | 18 (4L, 4M, 10H)         | 4 (3L, 1H)      | 14
docs/                     | 29 (1L, 5M, 22H, 1C)     | 0               | 29
packages/config-yaml/     | 38 (16L, 4M, 18H)        | 1 (1H)          | 37
packages/fetch/           | 35 (16L, 2M, 17H)        | 1 (1H)          | 34
packages/llm-info/        | 36 (16L, 3M, 17H)        | 1 (1H)          | 35
packages/openai-adapters/ | 28 (1L, 2M, 23H, 2C)     | 1 (1H)          | 27
packages/hub/             | 7 (2L, 3M, 2H)           | 0               | 7
packages/continue-sdk/    | 4 (1L, 2M, 1C)           | 0               | 4
packages/terminal-security/ | 3 (1M, 2H)             | 0               | 3

Critical: 31 → 0 | High: 193 → 5 | Total: ~394 → ~43

Changes

Dependency bumps:

  • semantic-release ^21 → ^24 in config-yaml, fetch, llm-info (eliminates bundled npm@9 with ~96 transitive vulns)
  • @semantic-release/npm → ^13.1.5 in config-yaml, fetch, llm-info, openai-adapters
  • tar ^7.5.10 → ^7.5.13 in core, binary (fixes 6 path traversal CVEs)
  • esbuild 0.17/0.19 → ^0.25.0 in core, binary, vscode (fixes dev server request leak)
  • @mozilla/readability ^0.5 → ^0.6 in core (fixes ReDoS)
  • react-syntax-highlighter ^15 → ^16 in gui (fixes prismjs DOM Clobbering)
  • vitest ^2 → ^3 + @vitest/coverage-v8 + @vitest/ui in gui (fixes esbuild/vite chain)
  • @swc/cli ^0.3 → ^0.8 in gui (fixes cross-spawn ReDoS)
  • diff ^7 → ^8 in vscode (fixes jsdiff DoS)
  • monaco-editor ^0.55 → ^0.53 in vscode (fixes dompurify XSS)
  • mintlify bumped to ^4.2.454 in docs

Removed:

  • request from core and vscode — deprecated package with unfixable critical vulns (form-data, qs, tough-cookie). Not imported anywhere in the codebase.

Overrides added:

  • vscode: tar, picomatch, rollup, serialize-javascript, diff, esbuild (via vite)
  • docs: express, body-parser, qs, cookie, send, serve-static, path-to-regexp, tar, js-yaml, lodash, zod, minimatch, axios, @orpc/openapi, kysely
  • cli: qs, picomatch
  • config-yaml, fetch, llm-info, openai-adapters: picomatch

Remaining (unfixable upstream)

  • sqlite3 → node-gyp → @tootallnate/once chain (low severity, no upstream fix)
  • picomatch bundled inside npm within semantic-release (can't override bundled deps)
  • pkg in binary (deprecated, moderate, no fix)
  • file-type in @swc/cli deps (moderate, upstream fix needed)
  • vite <=5.4.19 in vscode (can't bump to v6+ due to @types/node@16.x constraint)

Test plan

  • Verify npm install succeeds in all packages
  • Run existing test suites (npm test in core, gui, vscode, cli)
  • Verify VS Code extension builds and loads correctly
  • Verify binary builds successfully
  • Verify docs site builds with mintlify dev
  • Confirm npm audit shows reduced vulnerability counts

Summary by cubic

Fixes critical and high security vulnerabilities across the monorepo by upgrading dependencies and adding safe overrides (Critical 31→0, High 193→5; total 394→43). Also updates core to handle nullable @mozilla/readability v0.6.0 text content.

  • Dependencies

    • Upgraded key packages: esbuild (^0.25.x), tar (^7.5.13), diff (^8.0.4), react-syntax-highlighter (^16.x), @swc/cli (^0.8.x), vitest (^3.x with @vitest/coverage-v8 and @vitest/ui), and pinned monaco-editor to ^0.53.x; docs mintlify to ^4.2.454.
    • Bumped semantic-release to ^24 and @semantic-release/npm to ^13.x in packages/config-yaml, packages/fetch, packages/llm-info, and packages/openai-adapters to drop the vulnerable bundled npm@9.
    • Removed request from core and VS Code.
    • Added overrides across workspaces to pin patched versions (e.g., tar, picomatch, qs, rollup, serialize-javascript, minimatch, lodash, js-yaml).
    • Docs: removed unsafe cross-major overrides for Express 4 internals (body-parser, send, serve-static, cookie, path-to-regexp, minimatch); kept safe pins for express, qs, tar, js-yaml, lodash, zod, axios, @orpc/openapi, kysely.
  • Migration

    • Run a clean install at the repo root (e.g., rm -rf node_modules && npm ci).
    • Rebuild and verify: core, GUI, VS Code extension, CLI, binary, and docs (mintlify dev).
    • No code changes required; only dependency upgrades and overrides.

Written for commit 2b1606e. Summary will update on new commits.
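The test plan above ends with "Confirm npm audit shows reduced vulnerability counts". The following script is an added example, not code from this PR or the Continue repository: it tallies an `npm audit --json` report by severity, lists findings with no fix available (the "Remaining (unfixable upstream)" category), and gates on a critical/high threshold so the count can be enforced in CI rather than eyeballed. It assumes the npm v7+ report shape (`auditReportVersion: 2`, a `vulnerabilities` map keyed by package name); the report embedded here is constructed sample data, not real audit output from this repository.

```javascript
// Added example (not from the PR): summarize and gate an `npm audit --json` report.
// Assumption: npm v7+ report layout, where `vulnerabilities` maps package name ->
// { severity, isDirect, via, effects, range, nodes, fixAvailable }.

// Constructed sample report (package names echo the PR description; counts are made up).
const SAMPLE_AUDIT = {
  auditReportVersion: 2,
  vulnerabilities: {
    tar: { name: "tar", severity: "high", isDirect: true, via: [{ title: "path traversal (constructed)" }], fixAvailable: true },
    qs: { name: "qs", severity: "high", isDirect: false, via: ["express"], fixAvailable: true },
    picomatch: { name: "picomatch", severity: "moderate", isDirect: false, via: ["npm"], fixAvailable: false },
    "form-data": { name: "form-data", severity: "critical", isDirect: false, via: ["request"], fixAvailable: false },
    "@tootallnate/once": { name: "@tootallnate/once", severity: "low", isDirect: false, via: ["node-gyp"], fixAvailable: false },
  },
};

const SEVERITIES = ["info", "low", "moderate", "high", "critical"];

// Count findings per severity from the `vulnerabilities` map itself rather than
// trusting `metadata.vulnerabilities`, so the tally is reproducible from the
// same entries a reviewer can inspect. Also collect packages npm reports as
// having no available fix, which is what "unfixable upstream" means in practice.
function summarizeAudit(report) {
  const counts = Object.fromEntries(SEVERITIES.map((s) => [s, 0]));
  let total = 0;
  const unfixable = [];
  for (const [name, vuln] of Object.entries(report.vulnerabilities ?? {})) {
    const sev = SEVERITIES.includes(vuln.severity) ? vuln.severity : "info";
    counts[sev] += 1;
    total += 1;
    if (vuln.fixAvailable === false) unfixable.push(name);
  }
  return { counts, total, unfixable: unfixable.sort() };
}

// Apply a policy such as "no critical, at most N high". Returns the list of
// breached thresholds; an empty array means the gate passes.
function gateAudit(summary, thresholds = { critical: 0, high: 0 }) {
  const breaches = [];
  for (const [sev, max] of Object.entries(thresholds)) {
    const seen = summary.counts[sev] ?? 0;
    if (seen > max) breaches.push(`${sev}: ${seen} found, ${max} allowed`);
  }
  return breaches;
}

// One-line tally in the same shape the PR description uses.
function formatTally(summary) {
  return `Critical: ${summary.counts.critical} | High: ${summary.counts.high} | Total: ${summary.total}`;
}

// Stand-alone run over the constructed sample. In CI you would instead parse
// the output of `npm audit --json` (e.g. read it from stdin) into `report`.
const sampleSummary = summarizeAudit(SAMPLE_AUDIT);
console.log(formatTally(sampleSummary));
console.log("no fix available:", sampleSummary.unfixable.join(", "));
const sampleBreaches = gateAudit(sampleSummary, { critical: 0, high: 5 });
console.log(sampleBreaches.length === 0 ? "audit gate: pass" : `audit gate: FAIL\n  ${sampleBreaches.join("\n  ")}`);
```

The gate deliberately counts from `vulnerabilities` rather than `metadata`, so a report with a missing or stale `metadata` block still produces a correct total, and the `unfixable` list gives reviewers the same "remaining, no upstream fix" view the PR description reports by hand.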

Bump vulnerable dependencies and remove unused `request` package to
address ~351 of ~394 npm audit vulnerabilities reported by GitHub.
@RomneyDa RomneyDa requested a review from a team as a code owner March 25, 2026 23:04
@RomneyDa RomneyDa requested review from sestinj and removed request for a team March 25, 2026 23:04

mintlify bot commented Mar 25, 2026

Preview deployment for your docs. Learn more about Mintlify Previews.

Project       | Status   | Preview      | Updated (UTC)
continue-docs | 🟢 Ready | View Preview | Mar 25, 2026, 11:05 PM

@dosubot dosubot bot added the size:M This PR changes 30-99 lines, ignoring generated files. label Mar 25, 2026

continue bot commented Mar 25, 2026

Documentation Review

No documentation updates needed for this PR.

Reason: This PR focuses exclusively on security vulnerability fixes through dependency upgrades, package overrides, and removal of deprecated packages. These are internal infrastructure changes that:

  • Don't introduce new features or APIs
  • Don't change existing behavior for users
  • Don't require any migration steps from developers using Continue
  • Are transparent to end users

Security patching of dependencies is an internal maintenance concern that doesn't impact the user-facing documentation.


@cubic-dev-ai cubic-dev-ai bot left a comment


1 issue found across 24 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="docs/package.json">

<violation number="1" location="docs/package.json:30">
P1: This override forces Express 4's router dependency to an incompatible major version. `path-to-regexp@8` changed the `pathToRegexp()` return shape, so Mintlify's Express-based routes can fail at startup or when matching paths.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

…in docs

Merge main, resolve conflicts in vscode and cli lockfiles, and remove
path-to-regexp, body-parser, send, serve-static, cookie, and minimatch
overrides from docs/package.json that forced incompatible major versions
on Express 4's internal dependencies.
@RomneyDa RomneyDa (Collaborator, Author) commented

Addressed the review feedback (issue identified by cubic):

  • Removed unsafe cross-major overrides from docs/package.json: path-to-regexp@^8, body-parser@^2, send@^1, serve-static@^2, cookie@^1, and minimatch@^10 — all incompatible with Express 4's internals used by Mintlify.
  • Kept safe same-major overrides: express@^4.21.2, qs@^6.14.2, tar, js-yaml, lodash, zod, axios, @orpc/openapi, kysely.
  • Resolved merge conflicts in extensions/vscode and extensions/cli lockfiles, incorporated upstream undici-types override.
  • Docs goes from 0 → 15 remaining vulns (4L, 11H) — these are in Mintlify's transitive deps and can't be safely overridden without breaking Express 4 routing.
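The review finding above and this reply turn on one rule: an npm `overrides` entry that forces a transitive dependency onto a different major than its dependent declares (path-to-regexp@^8 against Express 4's 0.1.x, body-parser@^2 against ~1.20.x) silences the audit but can break the dependent at runtime, whereas a same-major pin (qs@^6.14.2 against 6.13.0) is a genuine patch. The script below is an added example, not code from this PR or the Continue repository: it compares each override against what dependents declare and flags cross-major pins. The dependent ranges are constructed sample data modelled on an Express 4 install; in real use they would be read from the lockfile (for example `packages["node_modules/express"].dependencies` in package-lock.json), and the regex-based `majorOf` is a deliberately small stand-in for a proper semver range parser.

```javascript
// Added example (not from the PR): flag npm `overrides` that pin a transitive
// dependency to a different major than the package depending on it declares.

// What each dependent declares (constructed sample, modelled on Express 4's
// "dependencies" field; verify against your own lockfile before relying on it).
const DEPENDENT_RANGES = {
  express: {
    "body-parser": "~1.20.3",
    cookie: "0.7.1",
    "path-to-regexp": "0.1.12",
    qs: "6.13.0",
    send: "0.19.0",
    "serve-static": "1.16.2",
  },
};

// The overrides block as it stood before the fix: the first six are the
// cross-major pins this reply removed, the last two are same-major pins it kept.
const OVERRIDES = {
  "path-to-regexp": "^8",
  "body-parser": "^2",
  send: "^1",
  "serve-static": "^2",
  cookie: "^1",
  minimatch: "^10",
  express: "^4.21.2",
  qs: "^6.14.2",
};

// Extract the major version from a simple range ("^8", "~1.20.3", "0.7.1", ">=6.14.2").
// Returns null for ranges this toy parser cannot read ("*", "latest", "npm:" aliases),
// so that unreadable ranges are surfaced rather than silently treated as safe.
function majorOf(range) {
  const m = /^[\s^~>=<v]*(\d+)/.exec(String(range).trim());
  return m ? Number(m[1]) : null;
}

// Compare every override against every dependent that declares that package.
// "cross-major" is the condition behind the docs/package.json review finding:
// the dependent was written against one major and is being handed another.
// Overrides with no dependent in the map (minimatch here) are simply not checked.
function findCrossMajorOverrides(overrides, dependentRanges) {
  const findings = [];
  for (const [pkg, overrideRange] of Object.entries(overrides)) {
    for (const [dependent, deps] of Object.entries(dependentRanges)) {
      if (!(pkg in deps)) continue;
      const declared = majorOf(deps[pkg]);
      const forced = majorOf(overrideRange);
      const base = { pkg, dependent, declared: deps[pkg], override: overrideRange };
      if (declared === null || forced === null) {
        findings.push({ ...base, verdict: "unparsed" });
      } else if (declared !== forced) {
        findings.push({ ...base, verdict: "cross-major" });
      }
    }
  }
  return findings;
}

// Stand-alone run over the constructed sample.
const crossMajor = findCrossMajorOverrides(OVERRIDES, DEPENDENT_RANGES);
for (const f of crossMajor) {
  console.log(`${f.verdict}: ${f.pkg} overridden to ${f.override}, but ${f.dependent} declares ${f.declared}`);
}
console.log(crossMajor.length === 0 ? "overrides: ok" : `overrides: ${crossMajor.length} to review`);
```

Run against the sample, the five Express 4 internals are reported as cross-major and express and qs pass, which is the split this reply arrived at by hand. The check is intentionally conservative: it flags a downgrade across majors as well as an upgrade, and treats any range it cannot parse as a finding rather than a pass.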

readability.textContent can be undefined in v0.6.0, add nullish
coalescing to satisfy ArticleComponent.body type constraint.
@sestinj sestinj left a comment


Nothing seems too risky. I'm pretty sure we're not shipping with esbuild anymore?

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Issues and PRs Mar 26, 2026
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Mar 26, 2026
@RomneyDa RomneyDa merged commit c71acb8 into main Mar 26, 2026
56 checks passed
@RomneyDa RomneyDa deleted the critical-vulnerabilities branch March 26, 2026 17:46
@github-project-automation github-project-automation bot moved this from In Progress to Done in Issues and PRs Mar 26, 2026
@github-actions github-actions bot locked and limited conversation to collaborators Mar 26, 2026