fix(docker): restore npm@11.14.0 lost in merge resolution

Merge of cve-sweep-2026-05 into litellm_yj_may7 picked the older npm@11.12.1 line, regressing the bump in f08b1b63fa that cleared ip-address GHSA-v2v4-37r5-5v8g (npm@11.12.1 bundles ip-address@10.1.0; 11.14.0 bundles 10.1.1).
2026-05-07 17:25:10 -07:00 · 2026-05-07 17:25:10 -07:00 · 5e2c283604
commit 5e2c283604
parent 5082f9bc71
1 changed files with 1 additions and 1 deletions
--- a/2
+++ b/2
@ -69,7 +69,7 @@ FROM $LITELLM_RUNTIME_IMAGE AS runtime
 USER root

 RUN apk add --no-cache bash openssl tzdata nodejs npm python3 libsndfile && \
-    npm install -g npm@11.12.1 tar@7.5.11 glob@13.0.6 @isaacs/brace-expansion@5.0.1 brace-expansion@5.0.5 minimatch@10.2.4 diff@8.0.3 picomatch@4.0.4 && \
+    npm install -g npm@11.14.0 tar@7.5.11 glob@13.0.6 @isaacs/brace-expansion@5.0.1 brace-expansion@5.0.5 minimatch@10.2.4 diff@8.0.3 picomatch@4.0.4 && \
    GLOBAL="$(npm root -g)" && \
    for pkg in tar glob @isaacs/brace-expansion brace-expansion minimatch diff picomatch; do \
        name="${pkg##*/}"; \