Skip to content

[Arvion] Security remediation: Update @auth/core to 0.41.1#12

Open
arvion-bot[bot] wants to merge 1 commit intomainfrom
arvion-fix-41669728-604d-4fcb-acd2-674ccdd0c37b-ml92a2o4
Open

[Arvion] Security remediation: Update @auth/core to 0.41.1#12
arvion-bot[bot] wants to merge 1 commit intomainfrom
arvion-fix-41669728-604d-4fcb-acd2-674ccdd0c37b-ml92a2o4

Conversation

@arvion-bot
Copy link
Copy Markdown

@arvion-bot arvion-bot bot commented Feb 5, 2026

Arvion Logo

Security Remediation

Fix 1 Vulnerability

Auto-generated by Arvion - This PR automatically remediates 1 vulnerability by updating 1 dependency and modifying 2 files.

Executive Summary

Vulnerabilities Fixed

Critical - 0 Fixed
None 		High - 0 Fixed
None

Dependency Updates

1 packages updated

@auth/core 0.34.3 → 0.41.1

Code Changes

2 files modified

Arvion Impact Analysis Diagram

Interactive visualization showing vulnerability → dependency → code change flow

Click any file node to jump to detailed code review below

%%{init: {'theme':'dark', 'themeVariables': {'fontSize':'14px'}}}%%
graph LR
    subgraph CVEs["Vulnerabilities Fixed"]
        CVE1["LOW GHSA-pxg6-pf52-xh8x<br/>No description available..."]
    end

    subgraph DEPS["Dependencies Updated"]

    end

    subgraph FILES["Files Modified"]
        FILE1["package.json"]
        FILE2["package-lock.json"]
    end



    click FILE1 "#file-1-package-json" "View detailed changes"
    click FILE2 "#file-2-package-lock-json" "View detailed changes"
Loading

Quick Summary

2 files modified

File Type Breaking Review
package.json manifest No Jump to review →
package-lock.json compatible No Jump to review →

Vulnerabilities Addressed

GHSA-pxg6-pf52-xh8x - No description available (LOW) - Click to expand

Severity: LOW
Status: FIXED

Summary:
No description available

Details:

Affected Packages:

  • cookie

References:

Dependency Update Summary

View dependency changes - Click to expand

Dependency Updates

Package Old Version New Version Change Type Fixes CVEs
@auth/core 0.34.3 0.41.1 Safe N/A

Arvion Code Review

Powered by Arvion's AI-driven code analysis

Click any file below to see detailed explanations and automated fix rationale

File 1: package.json

Type: manifest

View changes - Click to expand

Why: Updated 1 dependencies:
@auth/core (dependencies): ^0.34.2 → ^0.41.1

↑ Back to summary

File 2: package-lock.json

Type: compatible

View changes - Click to expand

Why: Regenerated package-lock.json to sync with package.json updates

↑ Back to summary

Rollback Instructions

If issues occur after merging, you can revert the dependency changes:

Rollback using npm

git checkout HEAD~1 -- package-lock.json
npm install

Or manually pin to previous versions in package.json:

"@auth/core": "0.34.3",

💡 Tip: Always run your test suite after rollback to verify functionality.

Need Help?

Arvion Support Resources:

Arvion Logo

Auto-generated by Arvion Security Platform
Intelligent vulnerability remediation with automated code fixes
Generated: 2026-02-05 06:14:24 UTC | Remediation ID: 41669728-604d-4fcb-acd2-674ccdd0c37b

@vercel
Copy link
Copy Markdown
Contributor

vercel bot commented Feb 5, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
cloud-archive-ui Error Error Feb 5, 2026 6:14am

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants