fix: resolve all npm audit vulnerabilities

ochafik · ochafik · commit 1f1bc4122bf8 · 2026-06-04T21:06:18.000+01:00
- Remove unused vitest devDependency from basic-host (critical advisory, package was never referenced by any test or config) - systeminformation ^5.31.5 -> ^5.31.6 (command injection, GHSA-hvx9-hwr7-wjj9) - Lockfile-only bumps: devalue 5.8.1, fast-uri 3.1.2, hono 4.12.23, ip-address 10.2.0, express-rate-limit 8.5.2, postcss 8.5.15, qs 6.15.2, svelte 5.56.1 npm audit now reports 0 vulnerabilities.
diff --git a/examples/basic-host/package.json b/examples/basic-host/package.json
@@ -29,7 +29,6 @@
     "prettier": "^3.6.2",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
-    "vite-plugin-singlefile": "^2.3.0",
-    "vitest": "^3.2.4"
+    "vite-plugin-singlefile": "^2.3.0"
   }
 }
diff --git a/examples/system-monitor-server/package.json b/examples/system-monitor-server/package.json
@@ -31,7 +31,7 @@
     "chart.js": "^4.4.0",
     "cors": "^2.8.5",
     "express": "^5.1.0",
-    "systeminformation": "^5.31.5",
+    "systeminformation": "^5.31.6",
     "zod": "^4.1.13"
   },
   "devDependencies": {
diff --git a/package-lock.json b/package-lock.json

Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,6 @@`
`29`	`29`	`"prettier": "^3.6.2",`
`30`	`30`	`"typescript": "^5.9.3",`
`31`	`31`	`"vite": "^6.0.0",`
`32`		`- "vite-plugin-singlefile": "^2.3.0",`
`33`		`- "vitest": "^3.2.4"`
	`32`	`+ "vite-plugin-singlefile": "^2.3.0"`
`34`	`33`	`}`
`35`	`34`	`}`