
fix(deps): patch security advisories for devalue, simple-git, postcss, nitropack #57

Merged
muneebs merged 1 commit into main from fix/security-advisories-may-2025 on May 16, 2026

Conversation

muneebs (Owner) commented May 16, 2026

Summary

  • Bump devalue override to >=5.8.1 (high: DoS via sparse array deserialization)
  • Bump simple-git override to >=3.36.0 (high: RCE vulnerability)
  • Add postcss override >=8.5.10 (medium: XSS via unescaped style tags)
  • Add nitropack override >=2.13.4 (medium: path traversal and open redirect)

All are transitive deps of the Nuxt example app. No published package code changed.

Test plan

  • All 110 tests pass
  • Lockfile resolves patched versions
  • Dependabot alerts auto-close after merge

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated internal dependency version constraints to enhance security and stability across the application stack.


… advisories

Bump pnpm overrides to resolve 5 Dependabot alerts:
- devalue >=5.8.1 (DoS via sparse array deserialization)
- simple-git >=3.36.0 (RCE vulnerability)
- postcss >=8.5.10 (XSS via unescaped style tags)
- nitropack >=2.13.4 (path traversal and open redirect)
coderabbitai Bot (Contributor) commented May 16, 2026

Walkthrough

This PR updates pnpm.overrides in package.json by bumping minimum versions for simple-git and devalue, and introducing new override constraints for postcss and nitropack to ensure compatible dependency versions across the project.

Changes

Dependency Override Updates

Layer / File(s): Dependency version constraints (package.json)
Summary: Updates minimum versions for simple-git (to >=3.36.0), devalue (to >=5.8.1), and adds new overrides for postcss (>=8.5.10) and nitropack (>=2.13.4).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

  • muneebs/csrf-armor#52: Both PRs modify package.json pnpm.overrides dependency constraints with different version bumps and package overrides.
  • muneebs/csrf-armor#31: Both PRs update the root package.json's pnpm.overrides and related dependency version constraints.

Poem

🐰 A flutter of versions, so fresh and so new!
Simple-git hops higher, devalue climbs too.
Postcss and nitropack join the merry fray,
Overrides aligned for a sturdier day!

🚥 Pre-merge checks | ✅ 5 passed
  • Description Check: Passed. Check skipped - CodeRabbit's high-level summary is enabled.
  • Title check: Passed. The title accurately describes the main change: patching security advisories for multiple dependencies in package.json overrides.
  • Docstring Coverage: Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
  • Linked Issues check: Passed. Check skipped because no linked issues were found for this pull request.
  • Out of Scope Changes check: Passed. Check skipped because no linked issues were found for this pull request.


socket-security bot commented

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Alert (Action: Warn, Severity: High): Obfuscated code: npm ioredis is 96.0% likely obfuscated

Confidence: 0.96

Location: Package overview

From: pnpm-lock.yaml → npm/nuxt@4.4.2 → npm/ioredis@5.10.1


Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ioredis@5.10.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.


coderabbitai Bot (Contributor) left a review comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Line 75: There is an unexpected change to the dependency constraint for "defu"
(the entry "defu": ">=6.1.5") — verify whether this override was intentional; if
it was accidental, revert this change from package.json and regenerate the
lockfile (package-lock.json or yarn.lock) so the commit no longer contains the
modified dependency, and if it was intentional, update the PR description to
explain why the version range was widened and add a brief note in the commit
message and changelog; also run the test suite and a dependency audit after
making the correction to ensure no regressions.
- Line 59: The devalue override currently set to ">= 5.8.1" is incorrect for the
stated security fixes; update the override in package.json for the dependency
entry "devalue" to ">= 5.6.4" so it includes the patched versions (5.6.3/5.6.4)
that address the sparse-array DoS and prototype pollution advisories—locate the
override line that currently contains "devalue": ">= 5.8.1" and change it to
"devalue": ">= 5.6.4".

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c0b96b75-e19c-4000-ab84-6591541584d2

📥 Commits

Reviewing files that changed from the base of the PR and between 4fcbacd and ffbdfe5.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (1)
  • package.json

Comment thread package.json
"vite": "^6.4.2",
"qs": ">=6.14.2",
"simple-git": ">=3.32.3",
"simple-git": ">=3.36.0",
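Review bot: This hunk only raises the simple-git floor from 3.32.3 to 3.36.0, and because the override is a `>=` range it sets a minimum rather than a pin, so the fix actually lands only if pnpm-lock.yaml re-resolved simple-git to 3.36.0 or later; that file is excluded from this review by the `!**/pnpm-lock.yaml` path filter. Suggest pasting the resolved simple-git version from the lockfile (for example from `pnpm why simple-git`) into the PR so the "Lockfile resolves patched versions" test-plan item is verifiable from the conversation.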

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

simple-git 3.36.0 security advisory RCE vulnerability CVE

💡 Result:

simple-git 3.36.0 addresses an RCE vulnerability tracked as CVE-2026-6951. The issue affects versions of simple-git before 3.36.0 and is described as an incomplete fix for CVE-2022-25912: the protection blocks the -c option but not the equivalent --config form, allowing untrusted input to reach simple-git options and enable Git config protocol.ext.allow=always. With that enabled, an attacker can use an ext:: clone source to achieve remote code execution [1][2].

Evidence/details grounded in the sources:
- NVD describes CVE-2026-6951 for “simple-git before 3.36.0” and explains the incomplete fix around blocking -c but not --config, with exploitation via protocol.ext.allow=always and ext:: clone [1].
- Snyk’s advisory for CVE-2026-6951 states the same root cause and recommends upgrading to simple-git 3.36.0 (or higher) [2].

Practical mitigation:
- Upgrade simple-git to version 3.36.0 or later everywhere untrusted user input can influence the arguments/options passed to simple-git [2].


🌐 Web query:

devalue 5.8.1 security advisory DoS sparse array CVE

💡 Result:

The devalue library has been subject to several security advisories related to Denial of Service (DoS) vulnerabilities, including issues involving sparse arrays and resource exhaustion. There is no single "5.8.1 security advisory" that encompasses all these issues; rather, multiple vulnerabilities were addressed in various versions leading up to and including 5.6.4 [1][2][3][4]. Key vulnerabilities identified in devalue include:

1. Sparse Array DoS (GHSA-33hq-fvwr-56pm): This vulnerability, affecting versions <= 5.6.2, involved CPU and memory amplification when serializing sparse arrays using uneval or stringify [1][5]. It was patched in version 5.6.3 [1][5]. This issue does not have an assigned CVE ID [1].
2. Memory Exhaustion in devalue.parse (CVE-2026-22774): Affecting versions 5.3.0 through 5.6.1, this vulnerability allowed for asymmetric resource consumption due to improper ArrayBuffer type validation during hydration [2][6]. It was patched in version 5.6.2 [2][6].
3. ArrayBuffer Hydration DoS (CVE-2026-22775): Affecting versions 5.1.0 through 5.6.1, this issue involved improper validation of base64 encoded strings during ArrayBuffer hydration, leading to potential DoS [3]. It was also patched in version 5.6.2 [3].
4. Prototype Pollution (CVE-2026-30226): Affecting versions 5.6.3 and earlier, this vulnerability in devalue.parse and devalue.unflatten allowed for prototype pollution via maliciously crafted payloads, which could lead to DoS or type confusion [4]. This was patched in version 5.6.4 [4].

Users are advised to ensure they are using version 5.6.4 or later to mitigate these known vulnerabilities [7][4].


🌐 Web query:

postcss 8.5.10 security advisory XSS unescaped style tags CVE

💡 Result:

PostCSS versions prior to 8.5.10 are vulnerable to a Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2026-41305 [1][2]. The vulnerability exists because PostCSS does not properly escape </style> sequences when stringifying CSS Abstract Syntax Trees (ASTs) [3][1]. If an application parses user-submitted CSS and re-stringifies it for embedding directly within an HTML <style> tag, an attacker can inject a crafted CSS string containing </style> to break out of the style context and execute arbitrary JavaScript [3][4]. This issue was addressed in PostCSS version 8.5.10, which introduced the necessary escaping for </style> sequences [3][1]. Users are advised to upgrade to version 8.5.10 or higher to mitigate this risk [4][5]. The vulnerability has a CVSS v3 base score of 6.1 (Medium) [6][2].


🌐 Web query:

nitropack 2.13.4 security advisory path traversal open redirect CVE

💡 Result:

The Nitro framework (often referred to as nitropack on npm) released version 2.13.4 to address two medium-severity security vulnerabilities related to route rule processing [1][2]. It is important to distinguish this framework from the NitroPack WordPress plugin, which is a separate product [3][4][5]. The vulnerabilities addressed in Nitro 2.13.4 are:

1. Open Redirect (CVE-2026-44372): This vulnerability allowed an attacker to bypass intended same-host rewrites in redirect route rules [6][7][8]. By crafting a URL with an extra slash (e.g., /legacy//evil.com), an attacker could force the application to respond with a protocol-relative URL (Location: //evil.com), causing the browser to redirect the user to an external, attacker-controlled site [7][8].
2. Path Traversal (CVE-2026-44373): This vulnerability allowed an attacker to bypass proxy route rule scopes using percent-encoded path traversal sequences (e.g., ..%2f) [9][10]. This could cause the Nitro runtime to forward requests to upstream services that were intended to be protected or out-of-scope, potentially exposing internal endpoints or sensitive data [9].

These issues affect deployments where route rules are executed by the Nitro runtime [6][9]. Deployments that offload these rules to edge platforms (such as Vercel, Netlify, Cloudflare Pages, or EdgeOne) are generally not affected because the rules are handled natively at the CDN layer [6][8]. Users relying on proxy or redirect route rules are strongly encouraged to upgrade to version 2.13.4 or later [1][2].


Correct devalue version override—specified version does not patch stated vulnerabilities.

The PR specifies devalue >= 5.8.1 to address DoS via sparse array deserialization, but security advisories confirm the patched versions are 5.6.3 (sparse array DoS, GHSA-33hq-fvwr-56pm) and 5.6.4 (prototype pollution, CVE-2026-30226). Version 5.8.1 does not appear in any devalue security advisory. Update to devalue >= 5.6.4.

The other three overrides are correctly specified.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 59, The devalue override currently set to ">= 5.8.1" is
incorrect for the stated security fixes; update the override in package.json for
the dependency entry "devalue" to ">= 5.6.4" so it includes the patched versions
(5.6.3/5.6.4) that address the sparse-array DoS and prototype pollution
advisories—locate the override line that currently contains "devalue": ">=
5.8.1" and change it to "devalue": ">= 5.6.4".
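As an added example (not code from this PR or the csrf-armor project), a Node script that turns the test-plan item "Lockfile resolves patched versions" and the override-floor question raised in this thread into a mechanical check: each `>=` floor in pnpm.overrides is compared against the patched version quoted in the review, and against the version the lockfile resolved. The overrides, advisory floors and resolved versions are constructed sample inputs; the nitropack lockfile entry is deliberately stale.

```javascript
// Added example (not from the PR or the csrf-armor project): check each ">=" floor
// in pnpm.overrides against the advisory patch version quoted in the review, and
// against the version the lockfile actually resolved. Only ">=x.y.z" is handled.
// Constructed sample of the "pnpm.overrides" block after this PR.
const overrides = {
  "simple-git": ">=3.36.0", devalue: ">=5.8.1",
  postcss: ">=8.5.10", nitropack: ">=2.13.4",
};
// First patched version per advisory, as quoted in the review thread.
const advisoryFloor = {
  "simple-git": "3.36.0", // CVE-2026-6951
  devalue: "5.6.4",       // GHSA-33hq-fvwr-56pm (5.6.3) and CVE-2026-30226 (5.6.4)
  postcss: "8.5.10",      // CVE-2026-41305
  nitropack: "2.13.4",    // CVE-2026-44372 and CVE-2026-44373
};
// Constructed lockfile excerpt; nitropack is left one patch behind on purpose
// to show what a stale lockfile looks like to the check.
const resolved = { "simple-git": "3.36.0", devalue: "5.8.1", postcss: "8.5.10", nitropack: "2.13.2" };
// Numeric comparison of dotted versions: -1, 0 or 1.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const x = pa[i] ?? 0, y = pb[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}
// Floor of a ">=x.y.z" range; other shapes are rejected rather than guessed,
// so a caret or pinned override cannot silently pass as a floor.
function floorOf(range) {
  const m = /^>=\s*(\d+\.\d+\.\d+)$/.exec(range);
  if (!m) throw new Error(`unsupported override range: ${range}`);
  return m[1];
}
// One finding string per problem; an empty array means every advisory is covered.
function auditOverrides(overrides, advisoryFloor, resolved) {
  const findings = [];
  for (const [pkg, patched] of Object.entries(advisoryFloor)) {
    if (!(pkg in overrides)) { findings.push(`${pkg}: no override`); continue; }
    const floor = floorOf(overrides[pkg]);
    if (compareVersions(floor, patched) < 0)
      findings.push(`${pkg}: override floor ${floor} is below patched ${patched}`);
    const got = resolved[pkg];
    if (!got || compareVersions(got, floor) < 0)
      findings.push(`${pkg}: lockfile resolved ${got ?? "nothing"}, below override ${floor}`);
  }
  return findings;
}
console.log(auditOverrides(overrides, advisoryFloor, resolved));
```

In a real repository the three objects would be read from package.json, the advisory database and pnpm-lock.yaml; a `>=` override only guarantees the floor, so the lockfile comparison is the part that confirms what was actually installed.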

Comment thread package.json
"minimatch@>=10.0.0 <11.0.0": "10.2.4",
"lodash": ">=4.18.0",
"defu": ">=6.1.5"
"defu": ">=6.1.5",
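Review bot: The defu constraint itself is unchanged in this hunk; `"defu": ">=6.1.5"` appears identically on both sides and the only edit is the trailing comma, which is what lets new entries (the postcss and nitropack overrides named in the summary) be appended after it. The "verify the defu override is intentional" finding below can be resolved as a formatting-only diff line with no widening of the defu range, so no PR-description or changelog note for defu is needed.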

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Verify the defu override is intentional.

The defu override at line 75 (>=6.1.5) is not mentioned in the PR objectives or summary. Confirm whether this change is intentional or if it was accidentally included.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 75, There is an unexpected change to the dependency
constraint for "defu" (the entry "defu": ">=6.1.5") — verify whether this
override was intentional; if it was accidental, revert this change from
package.json and regenerate the lockfile (package-lock.json or yarn.lock) so the
commit no longer contains the modified dependency, and if it was intentional,
update the PR description to explain why the version range was widened and add a
brief note in the commit message and changelog; also run the test suite and a
dependency audit after making the correction to ensure no regressions.

@muneebs muneebs merged commit 3cfa30f into main May 16, 2026
9 checks passed