Remediate audit findings, replace vulnerable Firecrawl SDK, and harden release validation

[jatmn]

Summary

This PR addresses the dependency and release issues fixed on deps-update

The main goal was to resolve the npm audit findings reported against @gitlawb/openclaude, remove the vulnerable Firecrawl SDK path, and make the release path more reliable after the npm latest mismatch reported in issue #1027.

What prompted this PR

Running npm audit against the installed package reported:

• @anthropic-ai/sdk vulnerabilities affecting versions 0.79.0 - 0.91.0
• axios vulnerabilities affecting versions 1.0.0 - 1.15.1
• a vulnerable transitive path through @mendable/firecrawl-js

This branch addresses those findings in the package graph OpenClaude ships to consumers, and also hardens the release flow so a GitHub release does not succeed if npm has not actually updated latest to the expected version yet.

What changed

• Upgraded direct dependencies:
  • @anthropic-ai/sdk from 0.81.0 to 0.94.0
  • axios from 1.15.0 to 1.16.0
  • @anthropic-ai/bedrock-sdk from 0.26.4 to 0.29.1
  • @anthropic-ai/vertex-sdk from 0.14.4 to 0.16.0
• Regenerated bun.lock so Bun-based installs dedupe the Bedrock/Foundry/Vertex wrappers onto the patched Anthropic SDK path.
• Removed @mendable/firecrawl-js entirely from package.json.
• Replaced the Firecrawl SDK usage with a small in-repo fetch-based client used by:
  • src/tools/WebFetchTool/WebFetchTool.ts
  • src/tools/WebSearchTool/providers/firecrawl.ts
• Preserved Firecrawl self-hosted support while adding behavior that is better aligned with the old integration:
  • AbortSignal support for request cancellation
  • transient 502 retry/backoff handling
  • focused unit coverage for the new client
• Added a post-publish verification step to .github/workflows/release.yml so the release job fails if npm does not resolve both the package version and dist-tags.latest to the expected release version within the retry window.
• Hardened Bun test isolation after release validation exposed process-global mock leakage across shared modules:
  • preserve full module surfaces when mocking shared env/provider modules
  • remove unnecessary env / envUtils mocks from tests that did not need them
  • make the Codex OAuth profile cleanup test use a fresh providerProfile module import
  • relax the Windows-only directory permission assertion in providerProfile tests

User impact

• Consumers installing @gitlawb/openclaude no longer inherit the vulnerable Firecrawl SDK dependency path from this package.
• OpenClaude’s bundled Firecrawl integration remains supported without the external SDK and now supports cancellation plus retry behavior for transient upstream failures.
• Release automation is less likely to produce a GitHub release that appears complete before npm has actually updated the live latest tag.
• The local release gate is more trustworthy on Windows because the full serialized Bun suite no longer fails due to unrelated shared-module mock leakage.

Validation

• bun install --frozen-lockfile
• bun test --max-concurrency=1
• bun run smoke
• bun run build
• npm pack

Branch scope

This PR description covers only the branch-local work on deps-update:

• dependency remediation
• Firecrawl client replacement
• npm release verification hardening
• Bun test-harness isolation fixes discovered during release validation

[techbrewboss]

I found one release-validation blocker while testing this PR.

[techbrewboss]

Rereviewed latest head 232afcf. The execaSync symptom from the original comment is fixed, but the release-style cross-file failure is still present because src/utils/user.test.ts continues to leak partial ./auth.js and ./config.js mocks into later test files.

Current repros:

bun test src/utils/user.test.ts src/utils/effort.codex.test.ts
bun test src/utils/user.test.ts src/utils/openclaudeInstallSurfaces.test.ts

Current failures include:

SyntaxError: Export named 'isClaudeAISubscriber' not found in module src/utils/auth.ts
SyntaxError: Export named 'saveGlobalConfig' not found in module src/utils/config.ts

So the fix needs to address the underlying process-global partial mock leakage, not just add execaSync. Complete/pass-through mocks for the leaked modules, or restructuring the tests to avoid those global partial mocks before multi-file release validation, should close it.

[jatmn]

Rereviewed latest head 232afcf. The execaSync symptom from the original comment is fixed, but the release-style cross-file failure is still present because src/utils/user.test.ts continues to leak partial ./auth.js and ./config.js mocks into later test files.

Current repros:

bun test src/utils/user.test.ts src/utils/effort.codex.test.ts
bun test src/utils/user.test.ts src/utils/openclaudeInstallSurfaces.test.ts

Current failures include:

SyntaxError: Export named 'isClaudeAISubscriber' not found in module src/utils/auth.ts
SyntaxError: Export named 'saveGlobalConfig' not found in module src/utils/config.ts

So the fix needs to address the underlying process-global partial mock leakage, not just add execaSync. Complete/pass-through mocks for the leaked modules, or restructuring the tests to avoid those global partial mocks before multi-file release validation, should close it.

should be fixed now

[techbrewboss]

Rereviewed latest head 12744d7.

Good news: the cross-file mock issue is fixed now. These repros all pass for me:

bun test src/utils/user.test.ts src/utils/effort.codex.test.ts
bun test src/utils/user.test.ts src/utils/openclaudeInstallSurfaces.test.ts
bun test --max-concurrency=1 src/utils/user.test.ts src/utils/effort.codex.test.ts src/utils/openclaudeInstallSurfaces.test.ts src/utils/providerProfile.test.ts

I also verified:

bun test src/tools/firecrawl/client.test.ts src/tools/WebSearchTool/providers/firecrawl.test.ts
bun test src/tools/WebFetchTool
bun run smoke

One remaining issue, though: bun audit now fails with a moderate advisory:

ip-address <=10.1.0
@modelcontextprotocol/sdk -> express-rate-limit -> ip-address
moderate: ip-address has XSS in Address6 HTML-emitting methods

bun pm why ip-address resolves this to ip-address@10.1.0 via express-rate-limit@8.5.0, and npm view ip-address version shows 10.2.0 is available. Since this PR is framed as audit remediation, I think it should leave bun audit clean or explicitly document why this advisory is accepted/not reachable.

[jatmn]

Rereviewed latest head 12744d7.

Good news: the cross-file mock issue is fixed now. These repros all pass for me:

bun test src/utils/user.test.ts src/utils/effort.codex.test.ts
bun test src/utils/user.test.ts src/utils/openclaudeInstallSurfaces.test.ts
bun test --max-concurrency=1 src/utils/user.test.ts src/utils/effort.codex.test.ts src/utils/openclaudeInstallSurfaces.test.ts src/utils/providerProfile.test.ts

I also verified:

bun test src/tools/firecrawl/client.test.ts src/tools/WebSearchTool/providers/firecrawl.test.ts
bun test src/tools/WebFetchTool
bun run smoke

One remaining issue, though: bun audit now fails with a moderate advisory:

ip-address <=10.1.0
@modelcontextprotocol/sdk -> express-rate-limit -> ip-address
moderate: ip-address has XSS in Address6 HTML-emitting methods

bun pm why ip-address resolves this to ip-address@10.1.0 via express-rate-limit@8.5.0, and npm view ip-address version shows 10.2.0 is available. Since this PR is framed as audit remediation, I think it should leave bun audit clean or explicitly document why this advisory is accepted/not reachable.

cant fully resolve that one, updated to more recent version but a dependent in the chain we dont control is still out of date. So audit isnt fully green.. think we should come back in a week or so and re-run this audit for possible fixes then as well.

[kevincodex1]

Looks good to me!

[Vasanthdev2004]

Scope: Targeted review of current merge readiness only.

Verdict: Needs changes

This PR is currently DIRTY against main, so it cannot merge as-is and the final diff may change during conflict resolution. Please rebase/merge latest main and resolve the conflicts, then ping for a full review of the dependency, Firecrawl replacement, release workflow, and test-isolation changes.

Notes from the current state:

• The stated scope is important and worth doing: dependency audit remediation, replacing the vulnerable Firecrawl SDK path, and release verification hardening.
• Current GitHub checks are green, but they are from the pre-conflict head.
• Kevin has approved, but I do not want to overclaim a full approval until the conflict-resolved head is available.

Happy to re-review once the branch is clean.

[jatmn]

Scope: Targeted review of current merge readiness only.

Verdict: Needs changes

This PR is currently DIRTY against main, so it cannot merge as-is and the final diff may change during conflict resolution. Please rebase/merge latest main and resolve the conflicts, then ping for a full review of the dependency, Firecrawl replacement, release workflow, and test-isolation changes.

Notes from the current state:

• The stated scope is important and worth doing: dependency audit remediation, replacing the vulnerable Firecrawl SDK path, and release verification hardening.
• Current GitHub checks are green, but they are from the pre-conflict head.
• Kevin has approved, but I do not want to overclaim a full approval until the conflict-resolved head is available.

Happy to re-review once the branch is clean.

updated.