fix(ci): upgrade nodemon to ^3 to resolve semver ReDoS vulnerability

nodemon@2 depends on simple-update-notifier which depends on a vulnerable range of semver (7.0.0-7.5.1, GHSA-c2qf-rxjj-qqgw). Upgrading to nodemon@3 pulls in a clean dependency tree. npm audit now reports 0 vulnerabilities.
2026-05-16 17:11:24 +01:00
parent 663826e295
commit 031877e6a0
2 changed files with 85 additions and 96 deletions
--- a/package.json
+++ b/package.json
@@ -21,7 +21,7 @@
  },
  "devDependencies": {
    "concurrently": "^7.6.0",
-    "nodemon": "^2.0.22"
+    "nodemon": "^3.1.14"
  },
  "keywords": [
    "sabnzbd",