Skip to content

Evaluate major dependency upgrades (Q3 2026 batch) #47

Description

@NicolasDeNigris91

After merging #43 (ajv scope) and #44 (OTel + protobufjs), the
production audit is at found 0 vulnerabilities. The remaining
open Dependabot PRs are all major-version bumps that need
individual evaluation rather than auto-merge. Tracking them here
so the queue stays visible and intentional rather than red noise.

Backend production deps (highest blast radius)

Frontend production deps

Dev tooling — done together because they pair

Infrastructure

Notes

Metadata

Metadata

Assignees

No one assigned

    Labels

    trackingTracking issue grouping multiple related items

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions