chore(deps): update hono from v4.11.3 to fix high severity (#2393)

* chore(deps): update hono from v4.11.3 to fix high severity CVE-2026-22818

update hono from v4.11.3 to fix high severity CVE-2026-22818

GH-2392

* fix(cli): upgrade typescript-eslint to support Node 22

upgrade typescript-eslint to support Node 22

GH-2392

* docs(cli): added dummy commit

added dummy commit

GH-2392

* fix(workflows): fix audit workflows

fix audit workflows

GH-2392

Author: piyushsinghgaur1

.github/workflows/audit.yml

@@ -7,27 +7,49 @@ on:
     branches:
       - master
 jobs:
-  npm_audit:
+  node_matrix_audit:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [20, 22, 24]
     steps:
-      # Checks-out your repository under $GITHUB_WORKSPACE
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 20.x
+          node-version: ${{ matrix.node-version }}
 
       - name: Install Monorepo Deps
         run: npm ci --ignore-scripts
-      - name: Run After Install Script  
-        run: npm run afterinstall  
+      - name: Run After Install Script
+        run: npm run afterinstall
 
       - name: Run npm audit
-        run: >
-          npm audit --json |
-          node -e '
+        run: |
+          npm audit --json | node -e '
             const fs = require("fs");
-            const auditLevel = (process.argv[1] || "critical").toLowerCase();
-            const { vulnerabilities } = JSON.parse(fs.readFileSync(0).toString("utf-8"));
-            const result = Object.values(vulnerabilities).filter((i) => i.severity.toLowerCase() === auditLevel);
-            console.table(JSON.stringify(result, null, 2));
+            const auditLevel = (process.argv[2] || "critical").toLowerCase();
+            const raw = fs.readFileSync(0).toString("utf-8");
+            let vulnerabilities = {};
+            try {
+              const parsed = JSON.parse(raw || "{}");
+              vulnerabilities = parsed.vulnerabilities || {};
+            } catch (e) {
+              console.error("Failed to parse npm audit output:", e.message || e);
+              process.exit(2);
+            }
+            const result = Object.values(vulnerabilities).filter((i) => i && i.severity && i.severity.toLowerCase() === auditLevel);
+            if (result.length) {
+              console.log(JSON.stringify(result, null, 2));
+              process.exit(1);
+            } else {
+              console.log('[]');
+            }
           ' high
+
+  npm_audit:
+    runs-on: ubuntu-latest
+    needs: node_matrix_audit
+    if: success()
+    steps:
+      - name: Final status
+        run: echo "✅ npm audit passed for Node.js 20, 22 and 24"

.github/workflows/main.yml

@@ -19,7 +19,7 @@ jobs:
           node-version: ${{ matrix.node-version }}
       - name: Install Monorepo Deps
         run: npm ci --ignore-scripts
-      - name: Run After Install Script  
+      - name: Run After Install Script
         run: npm run afterinstall
       - name: Run Test Cases
         run: npm run test --workspaces --if-present

README.md

@@ -1,6 +1,6 @@
 <p align="center">
   <a href="https://sourcefuse.github.io/arc-docs/arc-api-docs" target="blank"><img src="https://github.com/sourcefuse/loopback4-microservice-catalog/blob/master/docs/assets/logo-dark-bg.png?raw=true" width="180" alt="ARC Logo" /></a>
-</p>
+</p> 
 
 <p align="center">
   ARC by SourceFuse is an open-source Rapid Application Development framework for developing cloud-native enterprise applications, utilizing prebuilt microservices and standardized architectures for deployment on private and public clouds.