
Worked on security hardening for the MetaMask/metamask-extension repository by addressing a minimatch regular expression denial-of-service (ReDoS) advisory in development and build-time dependencies. The solution involved managing dependency risk through a YAML-based configuration that ignored the advisory in CI/CD pipelines, aligning with best practices in dependency and security management. This approach reduced the attack surface during builds without affecting end-user functionality or introducing breaking changes. The work focused on strengthening the security posture of the development pipeline, ensuring that supply chain vulnerabilities in dev dependencies were mitigated while maintaining stability and reliability for downstream users and contributors.
February 2026: Delivered security hardening for development/build-time dependencies in MetaMask/metamask-extension by mitigating the minimatch ReDoS advisory. The change, implemented via a release(cp) chore to ignore the advisory (GHSA-3ppc-4f35-3m26), reduces attack surface in CI/CD while keeping end-user behavior unchanged. This work strengthens the security posture of the development pipeline and aligns with supply chain hardening best practices, without introducing user-facing changes.
