Skip to content

Commit 6d5d2b5

Browse files
devakoneclaude
andcommitted
fix: resolve all npm audit vulnerabilities
Upgrade next 16.1.2 → 16.1.6 (3 high-severity CVEs: DoS via Image Optimizer, PPR memory consumption, RSC deserialization). Upgrade vitest ^1 → ^3 and add vite ^7 to resolve esbuild <=0.24.2 dev server vulnerability chain. Add root-level next override to ensure inngest transitive dependency uses patched version. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent 78d96a6 commit 6d5d2b5

4 files changed

Lines changed: 1702 additions & 1553 deletions

File tree

apps/web/package.json

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
"cmdk": "^1.1.1",
2626
"inngest": "^3.49.3",
2727
"lucide-react": "^0.562.0",
28-
"next": "16.1.2",
28+
"next": "16.1.6",
2929
"qrcode": "^1.5.4",
3030
"react": "19.2.3",
3131
"react-dom": "19.2.3",
@@ -39,10 +39,11 @@
3939
"@types/react": "^19",
4040
"@types/react-dom": "^19",
4141
"eslint": "^9",
42-
"eslint-config-next": "16.1.2",
42+
"eslint-config-next": "16.1.6",
4343
"tailwindcss": "^4",
4444
"tw-animate-css": "^1.4.0",
4545
"typescript": "^5",
46-
"vitest": "^1"
46+
"vite": "^7",
47+
"vitest": "^3"
4748
}
4849
}

0 commit comments

Comments
 (0)