mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-07-16 22:05:20 +00:00
Clears all 7 npm advisories surfaced by `yarn audit` (3 high, 4 moderate -> 0). These are not surfaced by Dependabot since 3.x is not the default branch. - axios 1.14.0 -> 1.17.0 (high; was exact-pinned) - vite 8.0.3 -> 8.0.16 (high) - marked 18.0.1 -> 18.0.5 (high; AI-chat markdown parser) - dompurify 3.3.3 -> 3.4.8 (moderate; AI-chat HTML sanitizer) - postcss 8.5.8 -> 8.5.15 (moderate) - follow-redirects 1.15.11 -> 1.16.0 (moderate) - brace-expansion 5.0.5 -> 5.0.6 (moderate; dev-only transitive under eslint, pinned via resolutions) Updates the tracked yarn.lock; `yarn build` verified.
1.9 KiB
1.9 KiB