What's Changed
- fix: address CVE-2025-64718 by @Antonio-Maranhao in #1497
- fix: update node-force to address CVEs by @Antonio-Maranhao in #1499
- Bump qs and express by @dependabot[bot] in #1500
- fix: update qs package to address CVE-2025-15284 by @Antonio-Maranhao in #1503
- fix: update diff to 5.2.2 and upgrade sinon to v21 to address CVEs by @Antonio-Maranhao in #1505
- Bump axios from 1.12.2 to 1.13.5 by @dependabot[bot] in #1507
- Bump qs from 6.14.1 to 6.14.2 by @dependabot[bot] in #1508
- Bump webpack from 5.94.0 to 5.105.0 by @dependabot[bot] in #1506
- chore: run npm audit to resolve CVEs on runtime deps by @Antonio-Maranhao in #1509
- chore: run npm audit to resolve CVEs by @vardhanreddy13 in #1515
- Bump flatted from 3.3.3 to 3.4.2 by @dependabot[bot] in #1516
- Bump picomatch by @dependabot[bot] in #1517
- Bump axios from 1.13.5 to 1.15.0 by @dependabot[bot] in #1522
- Bump follow-redirects from 1.15.11 to 1.16.0 by @dependabot[bot] in #1523
- Bump lodash from 4.17.23 to 4.18.1 by @dependabot[bot] in #1520
- Remove uuid package by @Antonio-Maranhao in #1525
- Bump postcss from 8.4.31 to 8.5.10 by @dependabot[bot] in #1526
- Bump basic-ftp from 5.2.0 to 5.3.0 by @dependabot[bot] in #1521
- Bump node-forge from 1.3.3 to 1.4.0 by @dependabot[bot] in #1518
- fix: crypto.randomUUID() not available in insecure envs by @Antonio-Maranhao in #1527
Full Changelog: v1.3.5...v1.3.6