Daily Autohealing Report — 2026-03-27 (UTC)

## Daily Autohealing Report — 2026-03-27 (UTC)

### Errored PRs
None. All open PRs have passing CI checks:
- [#3014](https://github.com/fro-bot/.github/pull/3014): Update eslint to v10.1.0 (SUCCESS)
- [#2997](https://github.com/fro-bot/.github/pull/2997): Update @types/node to v24.12.0 (SUCCESS)

### Security
- **Fixed**: Created [#3025](https://github.com/fro-bot/.github/pull/3025) to address CVE-2026-33671 (HIGH) and CVE-2026-33672 (MEDIUM) for picomatch.
  - **CVE-2026-33671 (HIGH)**: ReDoS vulnerability via extglob quantifiers
  - **CVE-2026-33672 (MEDIUM)**: Method Injection in POSIX Character Classes
  - Fix: Added \`picomatch: >=4.0.4\` override to package.json
  - picomatch is a transitive dependency via @bfra.me/eslint-config
- **Previously Resolved**: [#3022](https://github.com/fro-bot/.github/pull/3022) (yaml CVE-2026-33532) was merged on 2026-03-26.

### Health & Maintenance
- **Workflow Actions**: All actions are pinned to commit SHAs with version comments. No unpinned actions found.
- **Open Dependency Update PRs** (awaiting review):
  - [#3014](https://github.com/fro-bot/.github/pull/3014): Update eslint to v10.1.0
  - [#2997](https://github.com/fro-bot/.github/pull/2997): Update @types/node to v24.12.0

### Developer Experience
All validation commands pass on main:
- \`pnpm bootstrap\` ✓
- \`pnpm check-types\` ✓
- \`pnpm lint\` ✓
- \`pnpm check-format\` ✓

### Needs Human Attention
1. **[#3025](https://github.com/fro-bot/.github/pull/3025)**: HIGH severity security fix for picomatch (CVE-2026-33671) - needs review and merge.
2. **[#3014](https://github.com/fro-bot/.github/pull/3014)** and **[#2997](https://github.com/fro-bot/.github/pull/2997)**: Dependency update PRs are ready for merge but require review approval.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Daily Autohealing Report — 2026-03-27 (UTC) #3026