fix(deps): resolve docs npm audit

[Copilot]

Docs-site dependencies reported npm audit issues (devalue, h3, and diff), with diff lacking an upstream fix in the transitive chain. This update removes the remaining audit findings while keeping the docs toolchain aligned.

• Audit remediation
  • Add an npm override to force diff@8.0.3 and regenerate the lockfile so transitive dependencies resolve to patched versions.

{
  "overrides": {
    "diff": "8.0.3"
  }
}

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• telemetry.astro.build
  • Triggering command: /usr/local/bin/node node /home/REDACTED/work/gh-aw-firewall/gh-aw-firewall/docs-site/node_modules/.bin/astro build (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

Fix those npm audit issues:

npm audit report

devalue 5.1.0 - 5.6.1
Severity: high
devalue vulnerable to denial of service due to memory/CPU exhaustion in devalue.parse - GHSA-g2pg-6438-jwpf
Devalue is vulnerable to denial of service due to memory exhaustion in devalue.parse - GHSA-vw5p-8cq8-m7mv
fix available via npm audit fix
node_modules/devalue

diff <8.0.3
jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch - GHSA-73rr-hh4g-fpgx
No fix available
node_modules/diff
astro <=0.0.0-xray-20231129021231 || >=0.25.0-next.0
Depends on vulnerable versions of diff
node_modules/astro
@astrojs/mdx <=0.0.0-vercel-upgrade-20230905174957 || >=1.0.0-beta.0
Depends on vulnerable versions of astro
node_modules/@astrojs/mdx
@astrojs/starlight *
Depends on vulnerable versions of @astrojs/mdx
Depends on vulnerable versions of astro
Depends on vulnerable versions of astro-expressive-code
node_modules/@astrojs/starlight
astro-expressive-code >=0.8.0
Depends on vulnerable versions of astro
node_modules/astro-expressive-code
astro-mermaid *
Depends on vulnerable versions of astro
node_modules/astro-mermaid

h3 <=1.15.4
Severity: high
h3 v1 has Request Smuggling (TE.TE) issue - GHSA-mp2g-9vg9-f4cg
fix available via npm audit fix
node_modules/h3

8 vulnerabilities (6 low, 2 high)

To address issues that do not require attention, run:
npm audit fix

Some issues need review, and may require choosing
a different dependency.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[github-actions]

Test Coverage Report

Metric	Coverage	Covered/Total
Lines	77.19%	1300/1684
Statements	77.27%	1333/1725
Functions	77.17%	142/184
Branches	69.76%	450/645

Coverage Thresholds

The project has the following coverage thresholds configured:

• Lines: 38%
• Statements: 38%
• Functions: 35%
• Branches: 30%

---

Coverage report generated by `npm run test:coverage`