Description

This PR updates the validator dependency from 13.15.20 → 13.15.23 to address a high-severity security vulnerability (GHSA-vghf-hv5q-vc2g / CVE-2025-12758).

Vulnerability Details

• Severity: High (CVSS 7.5)
• Package: validator < 13.15.22
• Issue: Incomplete filtering of Unicode variation selectors (\uFE0F, \uFE0E) in the isLength() function
• Impact: Miscalculation of string lengths, potentially leading to:
  • Data truncation when saving to databases
  • Buffer overflows in downstream systems
  • Potential denial-of-service (DoS) attacks
• Fixed in: validator >= 13.15.22
• Advisory: GHSA-vghf-hv5q-vc2g
• CVE: CVE-2025-12758

Changes

• ✅ Updated validator from ^13.15.20 to ^13.15.23 in package.json
• ✅ Updated package-lock.json accordingly
• ✅ All tests pass (747 tests)
• ✅ Code style checks pass

Checklist

• The pull request title clearly describes the purpose of the PR
• The pull request targets the default branch (develop)
• The code follows the established repository style
  • npm run prettier:check passes ✅
  • npm run lint:check passes ✅
• Tests added if source code changed — N/A: dependency update only; all existing tests pass (747/747)
• Documentation added or updated — N/A: security patch
• I have run the project locally and verified that there are no errors ✅

Fixes

Fixes the security vulnerability GHSA-vghf-hv5q-vc2g (CVE-2025-12758).