fix(build): resolve Dependabot security alerts (#26729)

Fix 4 Dependabot alerts:
- CVE-2021-34141: remove duplicate vulnerable numpy==1.21.5 pin
- markdown-it ReDoS (>= 13.0.0, < 14.1.1): add yarn resolution to 14.1.1
- preact JSON VNode injection: resolved by yarn upgrade to 10.29.0
- esbuild dev server request leak (<= 0.24.2): add yarn resolution to 0.25.0

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
This commit is contained in:
Ramon Roche
2026-03-12 12:40:35 -07:00
committed by GitHub
parent ab6c9b7909
commit 3ed2f23d9c
3 changed files with 491 additions and 446 deletions
@@ -1,6 +1,5 @@
matplotlib==3.5.1
numpy==1.22.2
numpy==1.21.5
numpy_quaternion==2022.4.3
pyulog==0.9.0
scipy==1.8.0