fix(security): fix npm audit (#7824)

0xFFrancesco · web-flow · commit a0641031adf8 · 2026-04-13T15:16:03.000Z
# Motivation Npm detected a security vulnerability: ``` @sveltejs/kit <=2.57.0 Severity: high @sveltejs/kit: Unvalidated redirect in handle hook causes Denial-of-Service - GHSA-3f6h-2hrp-w5wx @sveltejs/adapter-node has a BODY_SIZE_LIMIT bypass - GHSA-2crg-3p73-43xp fix available via `npm audit fix` ``` # Changes Run npm audit fix + fix TS new detection. # Tests Tests should pass. # Todos - [x] Accessibility (a11y) – any impact? - [x] Changelog – is it needed?
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
diff --git a/frontend/src/app.d.ts b/frontend/src/app.d.ts
@@ -7,3 +7,14 @@ declare namespace App {
   // interface Error {}
   // interface Platform {}
 }
+
+/** WICG File System Access — TypeScript's bundled `lib.dom` does not declare `showSaveFilePicker` on `Window`. */
+interface Window {
+  showSaveFilePicker?: (options: {
+    suggestedName?: string;
+    types?: Array<{
+      description: string;
+      accept: Record<string, string[]>;
+    }>;
+  }) => Promise<FileSystemFileHandle>;
+}
diff --git a/frontend/src/lib/utils/reporting.save-csv-to-file.utils.ts b/frontend/src/lib/utils/reporting.save-csv-to-file.utils.ts
@@ -23,7 +23,7 @@ const saveFileWithPicker = async ({
   description: string;
 }) => {
   try {
-    const handle = await window.showSaveFilePicker({
+    const handle = await window.showSaveFilePicker!({
       suggestedName: `${fileName}.csv`,
       types: [
         {

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ const saveFileWithPicker = async ({`
`23`	`23`	`description: string;`
`24`	`24`	`}) => {`
`25`	`25`	`try {`
`26`		`- const handle = await window.showSaveFilePicker({`
	`26`	`+ const handle = await window.showSaveFilePicker!({`
`27`	`27`	suggestedName: `${fileName}.csv`,
`28`	`28`	`types: [`
`29`	`29`	`{`