
Fix HIGH severity serialize-javascript vulnerability via npm overrides#43

Draft
Copilot wants to merge 2 commits into main from copilot/update-serialize-javascript

Conversation


Copilot AI commented Mar 3, 2026

serialize-javascript was resolving to 6.0.2 (via terser-webpack-plugin → webpack) which carries a HIGH severity CVE. The fix pins it to >=7.0.3 using npm's overrides mechanism.

Changes

  • package.json: Added overrides entry to force serialize-javascript >= 7.0.3
    "overrides": {
      "serialize-javascript": ">=7.0.3"
    }
  • package-lock.json: Resolves serialize-javascript to 7.0.4 (previously 6.0.2)
Original prompt

This section details the original issue you should resolve

<issue_title>[Vuln Tracking] Update serialize-javascript in github-well-architected and github-well-architected-internal to fix HIGH vulnerability (due 2026-
[Content truncated due to length]</issue_title>
<issue_description>## Vulnerability

github-well-architected and github-well-architected-internal both have High severity Dependabot alerts for serialize-javascript requiring an update to >= 7.0.3.

Remediation Instructions

This tracking issue covers two repositories that need the same fix.

github-well-architected

Before creating a new PR, check if there is already an open Dependabot PR in github/github-well-architected for serialize-javascript. If one exists, review it and approve/update it instead of creating a duplicate.

If no existing PR is found:

  1. Update package.json and lockfile to use serialize-javascript >= 7.0.3.
  2. Run npm update serialize-javascript or equivalent.
  3. Ensure tests pass.
  4. Open a PR targeting main, requesting review from @github/cse-engineers.

github-well-architected-internal

Same steps as above but in github/github-well-architected-internal with Dependabot github/customer-success-engineering#31.

Target Repository

Primary: github/github-well-architected — please also check/fix github/github-well-architected-internal.

Generated by Vulnerability Tracking

Comments on the Issue (you are @copilot in this section)

  • Fixes github/customer-success-engineering#5501


…pm overrides

Co-authored-by: sdehm <16405245+sdehm@users.noreply.github.com>
Copilot AI changed the title [WIP] Update serialize-javascript to fix high vulnerability Fix HIGH severity serialize-javascript vulnerability via npm overrides Mar 3, 2026
Copilot finished work on behalf of sdehm March 3, 2026 22:20
