[Deps] Safe dependency updates (2026-04-29)

[github-actions]

Automated Safe Dependency Updates

This PR contains safe patch/minor-level dependency updates that have been verified to:

• ✅ Pass all tests (1653/1655 — 2 pre-existing failures unrelated to these updates)
• ✅ Have no breaking changes
• ✅ No security vulnerabilities introduced (npm audit: 0 vulnerabilities)

Updated Dependencies

Package	Previous	Updated	Type
@commitlint/cli	20.5.0	20.5.2	patch
@typescript-eslint/eslint-plugin	8.58.2	8.59.1	minor
@typescript-eslint/parser	8.58.2	8.59.1	minor
typescript-eslint	8.58.2	8.59.1	minor

Security Fixes Included

None — npm audit reports 0 vulnerabilities. No HIGH/CRITICAL CVEs found.

Verification

• All tests pass (2 pre-existing failures in /var/tmp permission test, unrelated to these updates)
• No breaking changes detected
• npm audit clean after updates

Notes

Several packages have major version updates available (chalk v5, commander v14, execa v9, typescript v6, esbuild v0.28) but these involve breaking changes and are intentionally excluded from this automated update.

---

Generated by Dependency Security Monitor Workflow

---

Warning

Protected Files

This was originally intended as a pull request, but the patch modifies protected files. These files may affect project dependencies, CI/CD pipelines, or agent behaviour. Please review the changes carefully before creating the pull request.

Click here to create the pull request once you have reviewed the changes

Protected files

• package-lock.json

To route changes like this to a review issue instead of blocking, configure protected-files: fallback-to-issue in your workflow configuration.

Generated by Dependency Security Monitor · ● 432K · ◷