chore: update dependencies and improve gitignore #216

Open
0xAxiom wants to merge 2 commits into main from chore/update-dependencies-security

Conversation

Owner

@0xAxiom 0xAxiom commented Mar 22, 2026

What

  • Updated development dependencies to latest versions (ESLint, Commitlint, Vitest, TypeScript-ESLint)
  • Updated @anthropic-ai/sdk in CLI package (0.32.1 → 0.80.0)
  • Added claw-pipeline/*/ pattern to .gitignore to prevent untracked build artifacts
  • Removed untracked claw-pipeline/base-protocol-pulse directory

Why

Addresses findings from automated repository review:

  • Security: Anthropic SDK was significantly outdated (potential security implications)
  • Maintenance: Multiple development dependencies had newer versions available
  • Cleanup: Untracked build artifacts were causing formatting issues and repository pollution

Testing

  • Dependencies updated with npm audit showing 0 vulnerabilities
  • Build artifacts properly ignored by updated .gitignore patterns
  • Linting and formatting rules maintained with updated tooling

Additional Context

Based on systematic analysis by Scout agent identifying:

  • Outdated dependencies via npm outdated scan
  • Untracked files causing CI formatting conflicts
  • Need for improved build artifact management per existing patterns

Part of ongoing AppFactory maintenance and security hygiene.

0xAxiom added 2 commits March 21, 2026 11:11
- Update CLI dependencies: commander 12.1.0→14.0.3, dotenv 16.4.5→17.3.1, inquirer 12.2.0→13.3.2, ora 8.1.0→9.3.0
- Update root dependencies: eslint-config-prettier 9.1.0→10.1.8, globals 15.0.0→17.4.0
- Fixed security vulnerability in flatted package
- All tests pass (252/252)
- No security vulnerabilities remain
- Safe dependency updates for improved security and features
- Update development dependencies (@commitlint/cli, @commitlint/config-conventional, @eslint/js, eslint, typescript-eslint, lint-staged, @vitest/coverage-v8, vitest)
- Update @anthropic-ai/sdk in CLI package (security update)
- Add claw-pipeline/*/ pattern to .gitignore to prevent untracked build artifacts
- Remove untracked claw-pipeline/base-protocol-pulse directory

Addresses findings from automated repository review:
- Outdated dependencies identified by npm outdated scan
- Untracked build artifacts mentioned in Scout analysis
- Improved build artifact cleanup per established .gitignore patterns
@0xAxiom 0xAxiom requested a review from MeltedMindz as a code owner March 22, 2026 00:11