Skip to content

Update dependencies and yarn, fix security vulnerabilities#266

Merged
didoesdigital merged 5 commits into
masterfrom
security-fixes
Apr 13, 2026
Merged

Update dependencies and yarn, fix security vulnerabilities#266
didoesdigital merged 5 commits into
masterfrom
security-fixes

Conversation

@didoesdigital

@didoesdigital didoesdigital commented Apr 13, 2026

Copy link
Copy Markdown
Owner

This PR updates yarn from 4.7.0 to 4.13.0, bumps the node engines entry from 20 to 22, fixes new eslint version lint errors, adds yarn's npmMinimalAgeGate: "5d", and updates a variety of dependencies.

Updates minor/patch versions for direct deps:

"@sentry/react": "^10.48.0",
"@sentry/vite-plugin": "^4.9.1",
"react-chatbot-kit": "^2.2.2",
"react-router-dom": "^6.30.3",

Updates direct dep query-string a major version from ^6.2.0 to ^7.1.3

Updates minor/patch versions of dev deps:

"@eslint/js": "^9.39.4",
"@storybook/addon-a11y": "8.6.18",
"@storybook/addon-actions": "8.6.18",
"@storybook/addon-essentials": "8.6.18",
"@storybook/addon-interactions": "8.6.18",
"@storybook/addon-links": "8.6.18",
"@storybook/react": "8.6.18",
"@storybook/react-vite": "8.6.18",
"@storybook/test": "8.6.18",
"eslint": "9.39.4",
"sass-embedded": "^1.99.0",
"storybook": "8.6.18",
"typescript-eslint": "8.58.1",
"vite": "^7.3.2",

Adds resolutions for transitive deps:

@babel/runtime
braces
brace-expansion
d3-color
flatted
glob
js-yaml
lodash
micromatch
minimatch
picomatch
semver
tar
ws

@didoesdigital didoesdigital merged commit e18e2ea into master Apr 13, 2026
1 check passed
@didoesdigital didoesdigital deleted the security-fixes branch April 13, 2026 01:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@didoesdigital