Skip to content

Upgrade dependencies and security overrides#219

Draft
LIU9293 wants to merge 1 commit into
mainfrom
agent/security-dependency-upgrades
Draft

Upgrade dependencies and security overrides#219
LIU9293 wants to merge 1 commit into
mainfrom
agent/security-dependency-upgrades

Conversation

@LIU9293

@LIU9293 LIU9293 commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Summary

  • upgrade root and web workspace dependencies
  • add patched transitive dependency overrides
  • refresh both Bun lockfiles

Why

This removes the moderate-or-higher advisories from the existing dependency graph while keeping runtime APIs compatible.

Impact

Core and web behavior remain unchanged; build and test tooling now resolves maintained package versions.

Validation

  • root and web bun audit: no vulnerabilities
  • bun run typecheck: passed
  • bun test: 420 passed, 1 explicitly gated live-provider test skipped
  • web svelte-check: 0 errors and 0 warnings
  • bun run build:web: passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant