diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
index b20a1fd356..489b7a4f0d 100644
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -9,3 +9,5 @@
 - After updating, verify: `npm run compile` (build), `npm run lint` (lint), `npm audit` (security)
 - The ESLint packages (`eslint`, `@eslint/js`, `typescript-eslint`, `eslint-config-prettier`) should be updated together
 - Fix any new lint warnings from updates to ESLint
+- Use `npm audit` to identify vulnerabilities
+- Do not use `npm audit fix --force` when a vulnerability is in a transitive dependency, instead add an `overrides` entry
diff --git a/package-lock.json b/package-lock.json
index 0c25a6d0c6..10c509ba77 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -12,7 +12,6 @@
         "@microsoft/applicationinsights-common": "^3.4.1",
         "@vscode/extension-telemetry": "^1.5.1",
         "semver": "^7.7.4",
-        "typescript": "^6.0.2",
         "untildify": "^4.0.0",
         "uuid": "^13.0.0",
         "vscode-languageclient": "^9.0.1",
@@ -2896,8 +2895,8 @@
       }
     },
     "node_modules/diff": {
-      "version": "7.0.0",
-      "integrity": "sha1-P7NNOHzXbYA/buvqZ7kh2rAYKpo=",
+      "version": "8.0.4",
+      "integrity": "sha1-T1uvMYi5skMRF7li6yC6Mw+t9pY=",
       "license": "BSD-3-Clause",
       "optional": true,
       "engines": {
@@ -5405,15 +5404,6 @@
       ],
       "license": "MIT"
     },
-    "node_modules/randombytes": {
-      "version": "2.1.0",
-      "integrity": "sha1-32+ENy8CcNxlzfYpE0mrekc9Tyo=",
-      "license": "MIT",
-      "optional": true,
-      "dependencies": {
-        "safe-buffer": "^5.1.0"
-      }
-    },
     "node_modules/rc": {
       "version": "1.2.8",
       "integrity": "sha1-zZJL9SAKB1uDwYjNa54hG3/A0+0=",
@@ -5610,7 +5600,7 @@
     "node_modules/safe-buffer": {
       "version": "5.2.1",
       "integrity": "sha1-Hq+fqb2x/dTsdfWPnNtOa3gn7sY=",
-      "devOptional": true,
+      "dev": true,
       "funding": [
         {
           "type": "github",
@@ -5675,12 +5665,12 @@
       }
     },
     "node_modules/serialize-javascript": {
-      "version": "6.0.2",
-      "integrity": "sha1-3voeBVyDv21Z6oBdjahiJU62psI=",
+      "version": "7.0.5",
+      "integrity": "sha1-x5jMBVL/uwiYGRSkKodW4znQ1bE=",
       "license": "BSD-3-Clause",
       "optional": true,
-      "dependencies": {
-        "randombytes": "^2.1.0"
+      "engines": {
+        "node": ">=20.0.0"
       }
     },
     "node_modules/setimmediate": {
@@ -5858,15 +5848,6 @@
         "url": "https://opencollective.com/sinon"
       }
     },
-    "node_modules/sinon/node_modules/diff": {
-      "version": "8.0.4",
-      "integrity": "sha1-T1uvMYi5skMRF7li6yC6Mw+t9pY=",
-      "license": "BSD-3-Clause",
-      "optional": true,
-      "engines": {
-        "node": ">=0.3.1"
-      }
-    },
     "node_modules/sinon/node_modules/supports-color": {
       "version": "7.2.0",
       "integrity": "sha1-G33NyzK4E4gBs+R4umpRyqiWSNo=",
diff --git a/package.json b/package.json
index 015eaedcd2..e4e046f55f 100644
--- a/package.json
+++ b/package.json
@@ -94,6 +94,10 @@
     "typescript": "^6.0.2",
     "typescript-eslint": "^8.58.0"
   },
+  "overrides": {
+    "serialize-javascript": "^7.0.5",
+    "diff": "^8.0.3"
+  },
   "extensionDependencies": [
     "vscode.powershell"
   ],