Skip to content

Commit d5af4bc

Browse files
TellMeAlexTellMeAlex
committed
fix(deps): update Astro to 6.0.4 and fix security vulnerabilities
- Update astro from 4.16.19 to 6.0.4 (fixes XSS, auth bypass, and other CVEs) - Update @astrojs/svelte from 7.2.5 to 8.0.0 - Update svelte from 5.45.5 to 5.53.11 - Add pnpm override for lodash >=4.17.23 (prototype pollution fix) All 12 vulnerabilities resolved.
1 parent 62a1c60 commit d5af4bc

2 files changed

Lines changed: 1014 additions & 1706 deletions

File tree

package.json

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,17 +10,22 @@
1010
"astro": "astro"
1111
},
1212
"dependencies": {
13-
"@astrojs/svelte": "^7.2.2",
14-
"astro": "^4.16.19",
13+
"@astrojs/svelte": "^8.0.0",
14+
"astro": "^6.0.4",
1515
"gsap": "^3.13.0",
1616
"lucide-svelte": "^0.555.0",
17-
"svelte": "^5.45.5",
17+
"svelte": "^5.53.11",
1818
"tailwindcss": "^4.1.17"
1919
},
2020
"devDependencies": {
21-
"@astrojs/check": "^0.9.4",
21+
"@astrojs/check": "^0.9.7",
2222
"@tailwindcss/postcss": "^4.1.17",
2323
"postcss": "^8.5.6",
2424
"typescript": "^5.7.2"
25+
},
26+
"pnpm": {
27+
"overrides": {
28+
"lodash": ">=4.17.23"
29+
}
2530
}
2631
}

0 commit comments

Comments
 (0)