Skip to content

[codex] Fix dependency audit vulnerabilities#4

Merged
rgilks merged 1 commit into
mainfrom
codex/dependency-security-audit
Jun 3, 2026
Merged

[codex] Fix dependency audit vulnerabilities#4
rgilks merged 1 commit into
mainfrom
codex/dependency-security-audit

Conversation

@rgilks
Copy link
Copy Markdown
Collaborator

@rgilks rgilks commented Jun 3, 2026

Summary

  • upgrade vulnerable Next.js, OpenNext Cloudflare, Wrangler, Drizzle, Vitest, and transitive audit dependencies
  • add server-side bounds for saved game payloads and make persisted Zustand storage SSR-safe
  • stabilize e2e smoke tests by waiting for async DB saves and running the shared local DB suite serially
  • run PR CI on pull requests while keeping Cloudflare deploy restricted to main pushes

Validation

  • npm audit --json: 0 vulnerabilities
  • npm run check
  • npm run build
  • manual browser smoke on localhost:3006: classic mode, board render, dice roll, help open/close, no console errors

@rgilks rgilks marked this pull request as ready for review June 3, 2026 08:46
@rgilks rgilks merged commit 0d3cc01 into main Jun 3, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rgilks