chore(deps): Resolve dependency vulnerabilities (2026-06-19)

[tkislan]

Summary

Resolves all 18 non-ignored npm audit advisories reported by npx better-npm-audit audit. After this change the audit is clean (🤝 All good!), with only the documented .nsprc accepted-risk exceptions remaining.

Each advisory was researched independently (one subagent per package) to determine the recommended remediation, whether a patched version exists, and whether any upgrade is breaking. Fixable advisories are pinned to patched versions following the repo's existing override/.nsprc conventions. Major upgrades were avoided; where the only fix is a major bump, the risk is documented as an exception instead.

Pinned to patched versions

Package	Advisory	Sev	Change
ws	GHSA-96hv-2xvq-fx4p	high	scoped overrides 8.20.1 → 8.21.0 (@deepnote/runtime-core, @jupyterlab/filebrowser), 7.5.10 → 7.5.11 (@jupyterlab/services); direct dep ^6.2.3 → ^6.2.4; new @deepnote/sql-language-server scoped override 7.5.11 (jsdom@16, test-only)
form-data	GHSA-hmw2-7cc7-3qxx	high	>=3.0.0 <3.0.5 → 3.0.5 and >=4.0.0 <4.0.6 → 4.0.6
tmp	GHSA-7c78-jf6q-g5cm	high	direct dep ^0.2.6 → ^0.2.7
dompurify	8 advisories (<=3.4.10)	low/mod	override ^3.4.2 → 3.4.11
tar	GHSA-vmf3-w455-68vh	mod	override 7.5.13 → 7.5.16
js-yaml (4.x)	GHSA-h67p-54hq-rp68	mod	direct dep ^4.1.1 → ^4.2.0
@babel/core	GHSA-4x5r-pxfx-6jf8	low	override <7.29.6 → 7.29.6 (dev-only)

All bumps stay within the major each consumer already accepts, so no breaking changes are expected.

Notes on the trickier cases

• ws — the existing scoped overrides (7.5.10 / 8.20.1) had drifted into the newly-vulnerable range and are bumped to the patched releases. Each consumer is kept on the major it currently resolves to. @jupyterlab/services@7.5.1 actually declares ws ^8.11.0 but is force-pinned to 7.x by an override inherited from upstream vscode-jupyter; this PR keeps it on the patched 7.x (7.5.11) to stay minimal — aligning it to 8.x is a separate, larger change worth its own PR.
• form-data — the two selectors must be non-overlapping (>=3.0.0 <3.0.5 / >=4.0.0 <4.0.6). An earlier attempt with <3.0.5 / <4.0.6 left jsdom@16's form-data@3.0.4 unpatched because 3.0.4 matched both selectors and npm skips ambiguous overrides.
• dompurify — the prior override was an unpinned ^3.4.2, which let the lockfile keep 3.4.2; pinning to 3.4.11 forces the patched release (within mermaid's ^3.3.1).

Accepted-risk exceptions added to .nsprc

Advisory	Package	Why excepted
GHSA-8988-4f7v-96qf	@opentelemetry/core	Telemetry is permanently disabled (isTelemetryDisabled() returns true), so the W3C Baggage path is never exercised. The only override fix (otel core 2.x) removes symbols still called by applicationinsights@2.5.0 and breaks it at runtime. Real fix = the deferred @vscode/extension-telemetry ≥1.5.2 major upgrade.
GHSA-h67p-54hq-rp68	js-yaml 3.x copies	tslint / @istanbuljs/load-nyc-config (dev-only). No 3.x backport exists and v4 is a breaking API change (safeLoad/safeDump removed). The 4.x copy is patched above.

These join the 3 pre-existing exceptions (elliptic, @tootallnate/once, uuid), all with 2026-08-15 expiry.

Verification

• npx better-npm-audit audit → 🤝 All good!
• tsc --noEmit (typecheck) → passes
• npm run format-fix → no changes
• Lockfile spot-checked: every target package resolves to its patched version.

🤖 Generated with Claude Code

https://claude.ai/code/session_013cwVbCEwTcSYA1kWHy9ggQ

Summary by CodeRabbit

• Chores
  • Updated dependency versions and tightened transitive package overrides to improve security and stability.
  • Refreshed several package version pins/ranges to better control update behavior.
• Security
  • Added new vulnerability tracking entries with documented accepted-risk rationales and an expiry date of August 15, 2026 to strengthen monitoring.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3eeb0382-fa5b-486f-a7e6-60cabc7348f7

📥 Commits

Reviewing files that changed from the base of the PR and between ea9a5f6 and b1d5f8c.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

🚧 Files skipped from review as they are similar to previous changes (1)

• package.json

---

📝 Walkthrough

Walkthrough

Two GHSA advisories are added to .nsprc with accepted-risk notes and expiry 2026-08-15. Direct dependencies js-yaml, tmp, and ws are bumped to minor/patch releases. The overrides section pins newer ws versions for @jupyterlab/services, @deepnote/runtime-core, and @jupyterlab/filebrowser, introduces a new ws override for @deepnote/sql-language-server, bumps tar, and pins dompurify to an exact version while adding range caps for @babel/core and form-data.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• deepnote/vscode-deepnote#396: Similar pattern of bumping package.json dependency versions and transitive overrides for vulnerability remediation.
• deepnote/vscode-deepnote#401: Overlaps in ws overrides for @deepnote/runtime-core and .nsprc advisory policy updates.

Suggested reviewers

• m1so

🚥 Pre-merge checks | ✅ 6

✅ Passed checks (6 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: resolving dependency vulnerabilities through package updates and .nsprc entries.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Updates Docs	✅ Passed	PR is a security/maintenance fix (dependency updates, not a feature implementation), so the "updates docs" feature check does not apply.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0%. Comparing base (ac66c74) to head (b1d5f8c).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@     Coverage Diff     @@
##   main   #423   +/-   ##
===========================
===========================

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.nsprc:
- Around line 19-20: The "notes" field in the `.nsprc` file references a
`js-yaml@4` override in package.json that does not actually exist. Either add
the missing `js-yaml@4` override to the overrides section of package.json to
match the security note's rationale, or revise the "notes" text to accurately
reflect the actual dependency configuration without referencing the non-existent
override. Ensure the security rationale in the notes aligns with the real
dependency management setup.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

Review info

Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d01bdfaf-54a9-4443-a62f-cd18fd02f94e

Commits

Reviewing files that changed from the base of the PR and between ac66c74 and b6d6cda.

Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

Files selected for processing (2)

• .nsprc
• package.json