From c11730760c2afcda653fb690d07e50f520f1e3b2 Mon Sep 17 00:00:00 2001
From: Arman Jamadar <ajamadar@mdsol.com>
Date: Mon, 17 Nov 2025 07:30:19 +0000
Subject: [PATCH] fix: add npm override for js-yaml to resolve security
 vulnerability

- Add js-yaml ^4.1.1 to package.json overrides
- Fixes prototype pollution vulnerability (GHSA-mh29-5h37-fv8m) in js-yaml <4.1.1
- Forces all transitive dependencies to use the patched version
- Resolves conflict between js-yaml 3.x (via @codeceptjs/detox-helper) and 4.x
- All tests passing (unit and runner tests verified)
---
 package.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 06634c966..bb2c360dc 100644
--- a/package.json
+++ b/package.json
@@ -198,6 +198,7 @@
     }
   },
   "overrides": {
-    "tmp": "0.2.5"
+    "tmp": "0.2.5",
+    "js-yaml": "^4.1.1"
   }
 }