From 6f1918e64caaa4add9ebfad4b8d6295170be078a Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Thu, 21 May 2026 11:09:42 +0000
Subject: [PATCH] chore(security): patch 0 Dependabot alerts
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Remove redundant `ip-address` resolution. `socks@2.8.9` already
requests `ip-address@^10.1.1`, which resolves to 10.2.0 naturally —
no override needed. `yarn.lock` is unchanged.

The `semantic-release-slack-bot/**/micromatch` resolution stays:
removing it lets `semantic-release-slack-bot@4.0.2`'s exact pin to
`micromatch@4.0.2` reintroduce the ReDoS vulnerability.

https://claude.ai/code/session_01WbAejfq8AH22exqSxNwBjs
---
 package.json | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 750491d93..105d66eb4 100644
--- a/package.json
+++ b/package.json
@@ -22,7 +22,6 @@
     "semantic-release-slack-bot": "4.0.2"
   },
   "resolutions": {
-    "semantic-release-slack-bot/**/micromatch": "^4.0.8",
-    "ip-address": "^10.1.1"
+    "semantic-release-slack-bot/**/micromatch": "^4.0.8"
   }
 }