Commit c775a60
chore(deps): bump vitest to 4.1.8 to clear critical audit finding
npm audit --audit-level=high (the Dependency Security Audit CI job) now
fails on a newly published critical advisory in vitest <4.1.0
(GHSA-5xrq-8626-4rwp: Vitest UI server can read/execute arbitrary files).
Bump vitest from ^4.0.18 to ^4.1.8. audit --audit-level=high exits 0; all
96 unit tests pass. Unblocks unrelated PRs whose CI this was failing.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent 457c183 commit c775a60
2 files changed
Lines changed: 85 additions & 64 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
37 | | - | |
| 37 | + | |
38 | 38 | | |
39 | 39 | | |
40 | 40 | | |
| |||
0 commit comments