From 2915625ef17fd66c5462b4e259b09e324d7cbeeb Mon Sep 17 00:00:00 2001
From: jdalton <john.david.dalton@gmail.com>
Date: Mon, 2 Mar 2026 20:36:46 -0500
Subject: [PATCH 1/2] chore(ci): update workflow SHA references to latest

---
 .github/workflows/ci.yml                 | 4 ++--
 .github/workflows/claude-auto-review.yml | 2 +-
 .github/workflows/claude.yml             | 2 +-
 .github/workflows/provenance.yml         | 2 +-
 .github/workflows/socket-auto-pr.yml     | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 41a7a2f..0553abd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -27,7 +27,7 @@ permissions:
 jobs:
   ci:
     name: Run CI Pipeline
-    uses: SocketDev/socket-registry/.github/workflows/ci.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+    uses: SocketDev/socket-registry/.github/workflows/ci.yml@67a3db92603c23c58031586611c7cc852244c87c # main
     with:
       test-setup-script: 'pnpm run build'
       lint-script: 'pnpm run lint --all'
@@ -46,7 +46,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: SocketDev/socket-registry/.github/actions/setup-and-install@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+      - uses: SocketDev/socket-registry/.github/actions/setup-and-install@67a3db92603c23c58031586611c7cc852244c87c # main
         with:
           node-version: '22'
 
diff --git a/.github/workflows/claude-auto-review.yml b/.github/workflows/claude-auto-review.yml
index d365476..f9d2f3b 100644
--- a/.github/workflows/claude-auto-review.yml
+++ b/.github/workflows/claude-auto-review.yml
@@ -15,6 +15,6 @@ permissions:
 
 jobs:
   auto-review:
-    uses: SocketDev/socket-registry/.github/workflows/claude-auto-review.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+    uses: SocketDev/socket-registry/.github/workflows/claude-auto-review.yml@67a3db92603c23c58031586611c7cc852244c87c # main
     secrets:
       anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index 2f4ccdf..0f09768 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -22,6 +22,6 @@ permissions:
 
 jobs:
   claude:
-    uses: SocketDev/socket-registry/.github/workflows/claude.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+    uses: SocketDev/socket-registry/.github/workflows/claude.yml@67a3db92603c23c58031586611c7cc852244c87c # main
     secrets:
       anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
diff --git a/.github/workflows/provenance.yml b/.github/workflows/provenance.yml
index 30f1b52..2ca1a11 100644
--- a/.github/workflows/provenance.yml
+++ b/.github/workflows/provenance.yml
@@ -21,7 +21,7 @@ permissions:
 
 jobs:
   publish:
-    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@67a3db92603c23c58031586611c7cc852244c87c # main
     with:
       debug: ${{ inputs.debug }}
       package-name: '@socketsecurity/lib'
diff --git a/.github/workflows/socket-auto-pr.yml b/.github/workflows/socket-auto-pr.yml
index 10718c0..837cc65 100644
--- a/.github/workflows/socket-auto-pr.yml
+++ b/.github/workflows/socket-auto-pr.yml
@@ -24,7 +24,7 @@ permissions:
 
 jobs:
   socket-auto-pr:
-    uses: SocketDev/socket-registry/.github/workflows/socket-auto-pr.yml@4709a2443e5a036bb0cd94e5d1559f138f05994c # main
+    uses: SocketDev/socket-registry/.github/workflows/socket-auto-pr.yml@67a3db92603c23c58031586611c7cc852244c87c # main
     with:
       debug: ${{ inputs.debug }}
       autopilot: true

From c6062fc0d3d2af8ffd66229d90758d372d7ab34e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Mar 2026 17:24:09 +0000
Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A4=96=20Dep=20Updates:=20Bump=20vali?=
 =?UTF-8?q?date-npm-package-name=20from=206.0.2=20to=207.0.2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [validate-npm-package-name](https://github.com/npm/validate-npm-package-name) from 6.0.2 to 7.0.2.
- [Release notes](https://github.com/npm/validate-npm-package-name/releases)
- [Changelog](https://github.com/npm/validate-npm-package-name/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/validate-npm-package-name/compare/v6.0.2...v7.0.2)

---
updated-dependencies:
- dependency-name: validate-npm-package-name
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json   |  2 +-
 pnpm-lock.yaml | 16 ++++++++++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 105d3cb..5d685d0 100644
--- a/package.json
+++ b/package.json
@@ -776,7 +776,7 @@
     "type-coverage": "2.29.7",
     "typescript": "5.9.2",
     "typescript-eslint": "8.44.1",
-    "validate-npm-package-name": "6.0.2",
+    "validate-npm-package-name": "7.0.2",
     "vite-tsconfig-paths": "5.1.4",
     "vitest": "4.0.3",
     "which": "5.0.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index e05c43b..4008926 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -243,8 +243,8 @@ importers:
         specifier: 8.44.1
         version: 8.44.1(eslint@9.35.0(jiti@2.6.1)(supports-color@10.0.0))(supports-color@10.0.0)(typescript@5.9.2)
       validate-npm-package-name:
-        specifier: 6.0.2
-        version: 6.0.2
+        specifier: 7.0.2
+        version: 7.0.2
       vite-tsconfig-paths:
         specifier: 5.1.4
         version: 5.1.4(supports-color@10.0.0)(typescript@5.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.6.1)(yaml@2.8.1))
@@ -2018,11 +2018,13 @@ packages:
 
   glob@10.4.5:
     resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==}
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
     hasBin: true
 
   glob@11.0.3:
     resolution: {integrity: sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==}
     engines: {node: 20 || >=22}
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
     hasBin: true
 
   globals@14.0.0:
@@ -2992,18 +2994,22 @@ packages:
   tar@6.2.1:
     resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==}
     engines: {node: '>=10'}
+    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   tar@7.5.1:
     resolution: {integrity: sha512-nlGpxf+hv0v7GkWBK2V9spgactGOp0qvfWRxUMjqHyzrt3SgwE48DIv/FhqPHJYLHpgW1opq3nERbz5Anq7n1g==}
     engines: {node: '>=18'}
+    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   tar@7.5.2:
     resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==}
     engines: {node: '>=18'}
+    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   tar@7.5.7:
     resolution: {integrity: sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==}
     engines: {node: '>=18'}
+    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   taze@19.9.2:
     resolution: {integrity: sha512-If8bq7lSckIMPfXV+C9jjEfdsQnRryh/foKfpX/ah6zI0TrQfUGWSGCaaD32Bqy5/KGRmLZie3EwMSr3Au21XQ==}
@@ -3173,6 +3179,10 @@ packages:
     resolution: {integrity: sha512-IUoow1YUtvoBBC06dXs8bR8B9vuA3aJfmQNKMoaPG/OFsPmoQvw8xh+6Ye25Gx9DQhoEom3Pcu9MKHerm/NpUQ==}
     engines: {node: ^18.17.0 || >=20.5.0}
 
+  validate-npm-package-name@7.0.2:
+    resolution: {integrity: sha512-hVDIBwsRruT73PbK7uP5ebUt+ezEtCmzZz3F59BSr2F6OVFnJ/6h8liuvdLrQ88Xmnk6/+xGGuq+pG9WwTuy3A==}
+    engines: {node: ^20.17.0 || >=22.9.0}
+
   vite-tsconfig-paths@5.1.4:
     resolution: {integrity: sha512-cYj0LRuLV2c2sMqhqhGpaO3LretdtMn/BVX4cPLanIZuwwrkVl+lK84E/miEXkCHWXuq65rhNN4rXsBcOB3S4w==}
     peerDependencies:
@@ -6406,6 +6416,8 @@ snapshots:
 
   validate-npm-package-name@6.0.2: {}
 
+  validate-npm-package-name@7.0.2: {}
+
   vite-tsconfig-paths@5.1.4(supports-color@10.0.0)(typescript@5.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.6.1)(yaml@2.8.1)):
     dependencies:
       debug: 4.4.3(supports-color@10.0.0)