Skip to content

chore(postguard-business): update dependencies#3

Merged
rubenhensen merged 1 commit into
mainfrom
chore/update-dependencies
Apr 20, 2026
Merged

chore(postguard-business): update dependencies#3
rubenhensen merged 1 commit into
mainfrom
chore/update-dependencies

Conversation

@dobby-coder

@dobby-coder dobby-coder Bot commented Apr 20, 2026

Copy link
Copy Markdown
Contributor

Summary

Routine dependency maintenance. Patch-level bumps within existing semver ranges; only package-lock.json changes.

Updated

  • eslint (dev): 10.2.0 → 10.2.1
  • typescript (dev): 6.0.2 → 6.0.3
  • vite (dev): 8.0.8 → 8.0.9

Security

npm audit reports 8 vulnerabilities (3 low, 5 moderate) in transitive dev deps:

  • cookie < 0.7.0 via an old advisory path in @sveltejs/kit — the audit suggests downgrading kit to 0.0.30, which is nonsense. Current kit (2.57) already mitigates this in practice. Skipped.
  • esbuild <= 0.24.2 via drizzle-kit (@esbuild-kit/*) and svelte-i18n — dev-only, fix would downgrade svelte-i18n to 3.7.1. Skipped; needs upstream fixes.

Skipped

  • @types/node 24 → 25 — major.
  • @privacybydesign/yivi-* — npm reports 0.2.1 as latest but current 1.0.0-beta.4 is newer.

Test plan

  • npm run build → clean (with DATABASE_URL set)
  • npm run check → 0 errors, 0 warnings
  • npm run test:unit -- --run → 10/10 pass

🤖 Generated with Claude Code

Patch-level updates only:
- eslint: 10.2.0 → 10.2.1
- typescript: 6.0.2 → 6.0.3
- vite: 8.0.8 → 8.0.9

Tests: 10/10 pass. Build: clean. svelte-check: 0 errors.
@dobby-coder dobby-coder Bot requested a review from rubenhensen April 20, 2026 08:24
@rubenhensen rubenhensen marked this pull request as ready for review April 20, 2026 08:45
@rubenhensen rubenhensen merged commit f4676e0 into main Apr 20, 2026
7 checks passed
@rubenhensen rubenhensen deleted the chore/update-dependencies branch April 20, 2026 08:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant