[+] Starting verification for CVE-2026-34752 fix
[+] Using patch: /data/pruva/runs/9b6913fe-f25f-4839-8514-b78baa32a84f/coding/proposed_fix.diff
[+] Installing vulnerable baseline package haraka-email-message@1.2.0

added 12 packages, and audited 13 packages in 3s

1 package is looking for funding
  run `npm fund` for details

found 0 vulnerabilities
[+] Verifying baseline is vulnerable
[+] Vulnerable behavior confirmed: this.headers[key][method] is not a function
[+] Applying proposed patch
patching file index.js
[+] Verifying patched package is not vulnerable
[+] Patched behavior confirmed: no crash and normal parsing preserved
[+] Verification successful