Update command-line-usage to ^7.0.3 to resolve @75lb/deep-merge security vulnerability

## Description
@web/test-runner@0.20.2 currently uses `command-line-usage@^7.0.1`, which has a transitive dependency on a vulnerable version of `@75lb/deep-merge@1.1.1` (prototype pollution vulnerability).

## Current Dependency Chain
```
@web/test-runner@0.20.2
└── command-line-usage@7.0.1
    └── table-layout@3.0.2
        └── @75lb/deep-merge@^1.1.1 (VULNERABLE)
```

## Proposed Solution
Update to `command-line-usage@^7.0.3` which uses `table-layout@^4.1.0` that has removed the vulnerable dependency entirely.

## Security Impact
- **Vulnerability**: Prototype Pollution in @75lb/deep-merge@1.1.1
- **CVE Reference**: https://github.com/75lb/deep-merge/issues/1
- **Current Workaround**: Using yarn resolutions to force @75lb/deep-merge@1.1.2

## Versions
- @web/test-runner: 0.20.2
- command-line-usage current: 7.0.1
- command-line-usage latest: 7.0.3


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Update command-line-usage to ^7.0.3 to resolve @75lb/deep-merge security vulnerability #2996

Description

Current Dependency Chain

Proposed Solution

Security Impact

Versions

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Update command-line-usage to ^7.0.3 to resolve @75lb/deep-merge security vulnerability #2996

Description

Description

Current Dependency Chain

Proposed Solution

Security Impact

Versions

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions