Skip to content

fix: bump @plures/praxis to 2.4.33 to resolve no-known-vulns dimension#66

Merged
kayodebristol merged 2 commits intomainfrom
copilot/adr-0009-fix-no-known-vulns-yet-again
Mar 26, 2026
Merged

fix: bump @plures/praxis to 2.4.33 to resolve no-known-vulns dimension#66
kayodebristol merged 2 commits intomainfrom
copilot/adr-0009-fix-no-known-vulns-yet-again

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 26, 2026

The no-known-vulns health dimension was at 0% because @plures/praxis was pinned to 2.4.27 while 2.4.33 is the current clean release.

Changes

  • package.json: ^2.4.27^2.4.33
  • package-lock.json: resolved version locked to 2.4.33
Original prompt

This section details on the original issue you should resolve

<issue_title>[level-critical] no-known-vulns: 0% → 100%</issue_title>
<issue_description>## Level-Driven Improvement

Dimension: no-known-vulns
Current: 0%
Target: 100%
Floor: 100%
Priority: P0

This issue was generated by the praxis level-driven improvement system.
The system measures repo health across 13 dimensions and generates work
to close gaps between current state and target state.

When this dimension reaches its target, the target ratchets upward.
No repo is ever "done."

Filed by praxis-business level evaluator (ADR-0009).</issue_description>

Comments on the Issue (you are @copilot in this section)

@kayodebristol @copilot This is a level-critical issue. The repo health dimension is below its minimum acceptable threshold. Please fix it.

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

@github-actions github-actions bot marked this pull request as ready for review March 26, 2026 15:58
Copilot AI review requested due to automatic review settings March 26, 2026 15:58
Copilot AI review requested due to automatic review settings March 26, 2026 15:58
Copilot AI requested review from Copilot and removed request for Copilot March 26, 2026 16:06
Copilot AI changed the title [WIP] Fix repo health dimension no-known-vulns to reach 100% fix: bump @plures/praxis to 2.4.33 to resolve no-known-vulns dimension Mar 26, 2026
Copilot AI requested a review from kayodebristol March 26, 2026 16:08
@kayodebristol kayodebristol requested a review from Copilot March 26, 2026 16:35
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the repo’s single runtime dependency to a newer, non-vulnerable release so the no-known-vulns health dimension returns to 100%.

Changes:

  • Bump @plures/praxis from ^2.4.27 to ^2.4.33 in package.json
  • Update package-lock.json to resolve and lock @plures/praxis at 2.4.33

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
package.json Updates the declared dependency range for @plures/praxis to the clean release.
package-lock.json Updates the resolved tarball/version + integrity to lock installs to 2.4.33.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copy link
Copy Markdown
Contributor

@kayodebristol kayodebristol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto-approved: CI green + Copilot code review complete.

@kayodebristol kayodebristol merged commit 582f1fb into main Mar 26, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[level-critical] no-known-vulns: 0% → 100%

3 participants