From a3ad90f2693aa6921f033052616162801059097f Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 23 Jan 2026 00:55:13 +0000
Subject: [PATCH 1/2] Initial plan


From 717e397d5529a1048decceb12746039da739c281 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 23 Jan 2026 00:59:05 +0000
Subject: [PATCH 2/2] Update dependencies and fix npm audit vulnerabilities

Co-authored-by: gfs <98900+gfs@users.noreply.github.com>
---
 Changelog.md                                  |  9 ++++++++
 .../{.eslintrc.js => .eslintrc.cjs}           |  0
 DevSkim-VSCode-Plugin/package-lock.json       | 22 ++++++++-----------
 3 files changed, 18 insertions(+), 13 deletions(-)
 rename DevSkim-VSCode-Plugin/{.eslintrc.js => .eslintrc.cjs} (100%)

diff --git a/Changelog.md b/Changelog.md
index b299f5d1..13319c83 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.69] - 2026-01-23
+### Dependencies
+- Update lodash from 4.17.21 to 4.17.23 in /DevSkim-VSCode-Plugin (fixes Prototype Pollution vulnerability)
+- Update qs from 6.14.0 to 6.14.1 in /DevSkim-VSCode-Plugin (fixes DoS vulnerability)
+- Update undici from 6.21.3 to 6.23.0 in /DevSkim-VSCode-Plugin (fixes resource exhaustion vulnerability)
+
+### Fix
+- Rename .eslintrc.js to .eslintrc.cjs to fix linter compatibility with ES modules
+
 ## [1.0.68] - 2025-12-04
 ### Dependencies
 Bump jws from 3.2.2 to 3.2.3 in /DevSkim-VSCode-Plugin
diff --git a/DevSkim-VSCode-Plugin/.eslintrc.js b/DevSkim-VSCode-Plugin/.eslintrc.cjs
similarity index 100%
rename from DevSkim-VSCode-Plugin/.eslintrc.js
rename to DevSkim-VSCode-Plugin/.eslintrc.cjs
diff --git a/DevSkim-VSCode-Plugin/package-lock.json b/DevSkim-VSCode-Plugin/package-lock.json
index c8fc4ea7..c6a32633 100644
--- a/DevSkim-VSCode-Plugin/package-lock.json
+++ b/DevSkim-VSCode-Plugin/package-lock.json
@@ -1389,7 +1389,6 @@
 			"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.62.0.tgz",
 			"integrity": "sha512-VlJEV0fOQ7BExOsHYAGrgbEiZoi8D+Bl2+f6V2RrXerRSylnp+ZBHmPvaIa8cz0Ajx7WO7Z5RqfgYg7ED1nRhA==",
 			"dev": true,
-			"peer": true,
 			"dependencies": {
 				"@typescript-eslint/scope-manager": "5.62.0",
 				"@typescript-eslint/types": "5.62.0",
@@ -1797,7 +1796,6 @@
 			"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
 			"integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
 			"dev": true,
-			"peer": true,
 			"bin": {
 				"acorn": "bin/acorn"
 			},
@@ -2717,7 +2715,6 @@
 			"integrity": "sha512-ypowyDxpVSYpkXr9WPv2PAZCtNip1Mv5KTW0SCurXv/9iOpcrH9PaqUElksqEB6pChqHGDRCFTyrZlGhnLNGiA==",
 			"deprecated": "This version is no longer supported. Please see https://eslint.org/version-support for other options.",
 			"dev": true,
-			"peer": true,
 			"dependencies": {
 				"@eslint-community/eslint-utils": "^4.2.0",
 				"@eslint-community/regexpp": "^4.6.1",
@@ -3930,9 +3927,9 @@
 			}
 		},
 		"node_modules/lodash": {
-			"version": "4.17.21",
-			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-			"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+			"version": "4.17.23",
+			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+			"integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
 			"dev": true,
 			"license": "MIT"
 		},
@@ -4715,9 +4712,9 @@
 			}
 		},
 		"node_modules/qs": {
-			"version": "6.14.0",
-			"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
-			"integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
+			"version": "6.14.1",
+			"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
+			"integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
 			"dev": true,
 			"license": "BSD-3-Clause",
 			"dependencies": {
@@ -5687,7 +5684,6 @@
 			"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
 			"integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
 			"dev": true,
-			"peer": true,
 			"bin": {
 				"tsc": "bin/tsc",
 				"tsserver": "bin/tsserver"
@@ -5711,9 +5707,9 @@
 			"license": "MIT"
 		},
 		"node_modules/undici": {
-			"version": "6.21.3",
-			"resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz",
-			"integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==",
+			"version": "6.23.0",
+			"resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
+			"integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
 			"dev": true,
 			"license": "MIT",
 			"engines": {