diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 256dc6b..67f92f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,6 +32,9 @@ jobs: - name: Install dependencies run: pnpm install --frozen-lockfile + + - name: Run security audit + run: pnpm run security-audit --strict - name: Build packages run: pnpm run build diff --git a/README.md b/README.md index fcee0e9..c5ad515 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,7 @@ const themed = applyPreviewTheme(raw); // wraps elements with cm-* classes ``` Pair with any theme CSS (`github.css`, `github-dark.css`, `minimal.css`, or `system.css`) and the styled output just works. +Sanitize untrusted HTML before assigning the themed output to the DOM. ### React Components @@ -117,6 +118,8 @@ const html = await renderAsync(blocks, { }); ``` +Preview output is intended for trusted content by default. If the markdown or generated HTML can come from users, sanitize it before rendering. + ### CSS Custom Property Theming The `system.css` theme uses CSS custom properties so it adapts to any design system: @@ -148,7 +151,7 @@ import '@create-markdown/preview/themes/system.css'; ### BYO Sanitizer -Pass any sanitizer function instead of relying on a built-in implementation: +Pass any sanitizer function when rendering untrusted content: ```typescript import { blocksToHTML } from '@create-markdown/preview'; @@ -193,6 +196,8 @@ Use `shadowMode: 'none'` to render in the light DOM and inherit page styles: registerPreviewElement({ shadowMode: 'none' }); ``` +The web component also assumes trusted markdown by default, so sanitize user-provided content before passing it in. + ## Documentation | Document | Description | diff --git a/SECURITY.md b/SECURITY.md index 8c01770..8baae59 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,8 +6,8 @@ We release patches for security vulnerabilities in the following versions: | Version | Supported | | ------- | ------------------ | -| 1.x.x | :white_check_mark: | -| < 1.0 | :x: | +| 2.x.x | :white_check_mark: | +| < 2.0 | :x: | ## Reporting a Vulnerability @@ -16,7 +16,7 @@ We take the security of create-markdown seriously. If you discover a security vu ### How to Report 1. **Do not** open a public GitHub issue for security vulnerabilities -2. Email your findings to **val@viewdue.ai** (replace with your actual security email) +2. Email your findings to **val@viewdue.ai** 3. Alternatively, use [GitHub's private vulnerability reporting](https://github.com/BunsDev/create-markdown/security/advisories/new) ### What to Include @@ -51,10 +51,11 @@ We will not pursue civil action or initiate a complaint to law enforcement for a When using create-markdown in your projects: 1. **Sanitize User Input**: Always sanitize markdown content from untrusted sources before rendering -2. **Keep Dependencies Updated**: Regularly update to the latest version to receive security patches -3. **Content Security Policy**: Implement appropriate CSP headers when rendering markdown in browsers -4. **Review Generated HTML**: Be cautious with HTML output, especially when allowing raw HTML in markdown +2. **Treat Mermaid as Trusted by Default**: Use `mermaidPlugin({ config: { securityLevel: 'strict' } })` when diagram text can come from users +3. **Keep Dependencies Updated**: Regularly update to the latest version to receive security patches +4. **Content Security Policy**: Implement appropriate CSP headers when rendering markdown in browsers +5. **Review Generated HTML**: Be cautious with HTML output, especially when allowing raw HTML in markdown ## Acknowledgments -We appreciate the security research community's efforts in helping keep create-markdown secure. Contributors who report valid security issues will be acknowledged here (with their permission). \ No newline at end of file +We appreciate the security research community's efforts in helping keep create-markdown secure. Contributors who report valid security issues will be acknowledged here (with their permission). diff --git a/package.json b/package.json index 0f13643..893c4c1 100644 --- a/package.json +++ b/package.json @@ -38,13 +38,18 @@ "devDependencies": { "@changesets/cli": "^2.27.0", "@testing-library/react": "^16.0.0", - "@vitejs/plugin-react": "^4.3.0", "jsdom": "^25.0.0", "tsup": "^8.5.1", "tsx": "^4.21.0", "turbo": "^2.3.0", "typescript": "^5.3.0", - "vitest": "^2.1.0" + "vite": "^7.1.11", + "vitest": "^4.1.2" + }, + "pnpm": { + "overrides": { + "lodash-es": "4.18.1" + } }, "packageManager": "pnpm@10.11.1", "engines": { diff --git a/packages/core/CHANGELOG.md b/packages/core/CHANGELOG.md index 036df23..31b8674 100644 --- a/packages/core/CHANGELOG.md +++ b/packages/core/CHANGELOG.md @@ -1,5 +1,15 @@ # @create-markdown/core +## 2.0.1 + +### Patch Changes + +- Patch release to publish the security remediation update across all packages. + + - refresh vulnerable dependency resolutions in the workspace + - ship the pnpm-based security audit improvements + - document trusted-content expectations for preview rendering + ## 2.0.0 ### Major Changes diff --git a/packages/core/package.json b/packages/core/package.json index e561a11..6fb6e54 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -1,6 +1,6 @@ { "name": "@create-markdown/core", - "version": "2.0.0", + "version": "2.0.1", "description": "Block-based markdown parsing and serialization with zero dependencies", "author": "Val Alexander ", "license": "MIT", @@ -51,7 +51,8 @@ }, "devDependencies": { "typescript": "^5.3.0", - "vitest": "^2.1.0" + "vite": "^7.1.11", + "vitest": "^4.1.2" }, "engines": { "node": ">=20.0.0" diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts index 8acd580..7af0944 100644 --- a/packages/core/src/index.ts +++ b/packages/core/src/index.ts @@ -259,4 +259,4 @@ export function toMarkdown(blocksOrDoc: Block[] | { blocks: Block[] }): string { /** * Package version */ -export const VERSION = '2.0.0'; +export const VERSION = '2.0.1'; diff --git a/packages/create-markdown/CHANGELOG.md b/packages/create-markdown/CHANGELOG.md index 682fd8c..f229f89 100644 --- a/packages/create-markdown/CHANGELOG.md +++ b/packages/create-markdown/CHANGELOG.md @@ -1,5 +1,20 @@ # create-markdown +## 2.0.1 + +### Patch Changes + +- Patch release to publish the security remediation update across all packages. + + - refresh vulnerable dependency resolutions in the workspace + - ship the pnpm-based security audit improvements + - document trusted-content expectations for preview rendering + +- Updated dependencies + - @create-markdown/core@2.0.1 + - @create-markdown/react@2.0.1 + - @create-markdown/preview@2.0.1 + ## 2.0.0 ### Major Changes diff --git a/packages/create-markdown/package.json b/packages/create-markdown/package.json index e0e5fea..e8a5ea3 100644 --- a/packages/create-markdown/package.json +++ b/packages/create-markdown/package.json @@ -1,6 +1,6 @@ { "name": "create-markdown", - "version": "2.0.0", + "version": "2.0.1", "description": "Complete block-based markdown notes package - convenience bundle for @create-markdown packages", "author": "Val Alexander ", "license": "MIT", diff --git a/packages/create-markdown/src/index.ts b/packages/create-markdown/src/index.ts index cb61f66..a886e44 100644 --- a/packages/create-markdown/src/index.ts +++ b/packages/create-markdown/src/index.ts @@ -15,4 +15,4 @@ export * from '@create-markdown/core'; /** * Package version */ -export const VERSION = '2.0.0'; +export const VERSION = '2.0.1'; diff --git a/packages/docs/CHANGELOG.md b/packages/docs/CHANGELOG.md index dd17876..59302e5 100644 --- a/packages/docs/CHANGELOG.md +++ b/packages/docs/CHANGELOG.md @@ -1,5 +1,13 @@ # @create-markdown/docs +## 1.0.1 + +### Patch Changes + +- Updated dependencies + - @create-markdown/core@2.0.1 + - @create-markdown/mdx@1.0.1 + ## 1.0.0 ### Major Changes diff --git a/packages/docs/app/docs/[[...slug]]/page.tsx b/packages/docs/app/docs/[[...slug]]/page.tsx index 3ba5584..feea8f8 100644 --- a/packages/docs/app/docs/[[...slug]]/page.tsx +++ b/packages/docs/app/docs/[[...slug]]/page.tsx @@ -67,6 +67,7 @@ export default async function DocPage({ params }: DocPageProps) { {/* MDX Content */}
+ {/* Docs content is compiled only from repository-local MDX files in packages/docs/content. */} string); plugins?: PreviewPlugin[]; // Plugins for enhanced rendering } ``` ## License -MIT \ No newline at end of file +MIT diff --git a/packages/docs/content/index.mdx b/packages/docs/content/index.mdx index c7e71f8..14de598 100644 --- a/packages/docs/content/index.mdx +++ b/packages/docs/content/index.mdx @@ -81,6 +81,7 @@ const themed = applyPreviewTheme(raw); // wraps elements with cm-* classes ``` Pair with any theme CSS (`github.css`, `github-dark.css`, `minimal.css`, or `system.css`) and the styled output just works. +Sanitize untrusted HTML before assigning the themed output to the DOM. ### React Components @@ -125,6 +126,8 @@ const html = await renderAsync(blocks, { }); ``` +Preview output is intended for trusted content by default. If the markdown or generated HTML can come from users, sanitize it before rendering. + ### CSS Custom Property Theming The `system.css` theme uses CSS custom properties so it adapts to any design system: @@ -156,7 +159,7 @@ import '@create-markdown/preview/themes/system.css'; ### BYO Sanitizer -Pass any sanitizer function instead of relying on a built-in implementation: +Pass any sanitizer function when rendering untrusted content: ```typescript import { blocksToHTML } from '@create-markdown/preview'; @@ -201,6 +204,8 @@ Use `shadowMode: 'none'` to render in the light DOM and inherit page styles: registerPreviewElement({ shadowMode: 'none' }); ``` +The web component also assumes trusted markdown by default, so sanitize user-provided content before passing it in. + ## Documentation | Document | Description | @@ -253,4 +258,4 @@ We welcome contributions! Please see [CONTRIBUTING.md](./CONTRIBUTING.md) for gu ## License -MIT \ No newline at end of file +MIT diff --git a/packages/docs/package.json b/packages/docs/package.json index ae094af..e055cc4 100644 --- a/packages/docs/package.json +++ b/packages/docs/package.json @@ -1,6 +1,6 @@ { "name": "@create-markdown/docs", - "version": "1.0.0", + "version": "1.0.1", "private": true, "description": "Documentation site for create-markdown", "type": "module", @@ -22,7 +22,7 @@ "cmdk": "^1.0.0", "lucide-react": "^0.460.0", "next": "^16.1.6", - "next-mdx-remote": "^5.0.0", + "next-mdx-remote": "^6.0.0", "next-themes": "^0.4.0", "react": "^19.0.0", "react-dom": "^19.0.0", diff --git a/packages/mdx/CHANGELOG.md b/packages/mdx/CHANGELOG.md index 0e5d59d..038ca52 100644 --- a/packages/mdx/CHANGELOG.md +++ b/packages/mdx/CHANGELOG.md @@ -1,5 +1,18 @@ # @create-markdown/mdx +## 1.0.1 + +### Patch Changes + +- Patch release to publish the security remediation update across all packages. + + - refresh vulnerable dependency resolutions in the workspace + - ship the pnpm-based security audit improvements + - document trusted-content expectations for preview rendering + +- Updated dependencies + - @create-markdown/core@2.0.1 + ## 1.0.0 ### Major Changes diff --git a/packages/mdx/package.json b/packages/mdx/package.json index 3d0c45e..13d6ef2 100644 --- a/packages/mdx/package.json +++ b/packages/mdx/package.json @@ -1,6 +1,6 @@ { "name": "@create-markdown/mdx", - "version": "1.0.0", + "version": "1.0.1", "description": "Convert markdown blocks to MDX with component mappings", "author": "Val Alexander ", "license": "MIT", @@ -53,7 +53,8 @@ "devDependencies": { "@types/node": "^20.0.0", "typescript": "^5.3.0", - "vitest": "^2.1.0" + "vite": "^7.1.11", + "vitest": "^4.1.2" }, "peerDependencies": { "@create-markdown/core": ">=2.0.0" diff --git a/packages/mdx/src/index.ts b/packages/mdx/src/index.ts index 8568062..3e81b5a 100644 --- a/packages/mdx/src/index.ts +++ b/packages/mdx/src/index.ts @@ -49,4 +49,4 @@ export type { Block, TextSpan, BlockType } from '@create-markdown/core'; /** * Package version */ -export const VERSION = '1.0.0'; +export const VERSION = '1.0.1'; diff --git a/packages/preview/CHANGELOG.md b/packages/preview/CHANGELOG.md index 4c58708..7e675c4 100644 --- a/packages/preview/CHANGELOG.md +++ b/packages/preview/CHANGELOG.md @@ -1,5 +1,18 @@ # @create-markdown/preview +## 2.0.1 + +### Patch Changes + +- Patch release to publish the security remediation update across all packages. + + - refresh vulnerable dependency resolutions in the workspace + - ship the pnpm-based security audit improvements + - document trusted-content expectations for preview rendering + +- Updated dependencies + - @create-markdown/core@2.0.1 + ## 2.0.0 ### Major Changes diff --git a/packages/preview/README.md b/packages/preview/README.md index d53fa89..f75eb2f 100644 --- a/packages/preview/README.md +++ b/packages/preview/README.md @@ -21,16 +21,23 @@ pnpm add shiki mermaid ```typescript import { markdownToHTML } from '@create-markdown/preview'; +import DOMPurify from 'dompurify'; -const html = markdownToHTML(` +const html = await markdownToHTML(` # Hello World This is **bold** and *italic* text. `); -document.getElementById('preview').innerHTML = html; +const preview = document.getElementById('preview'); + +if (preview) { + preview.innerHTML = DOMPurify.sanitize(html, { USE_PROFILES: { html: true } }); +} ``` +Sanitize untrusted content before rendering it. Direct DOM assignment is only appropriate when you fully trust the markdown source. + ### With Syntax Highlighting (Shiki) ```typescript @@ -64,10 +71,17 @@ flowchart LR `); const html = await renderAsync(blocks, { - plugins: [mermaidPlugin({ theme: 'default' })], + plugins: [ + mermaidPlugin({ + theme: 'default', + config: { securityLevel: 'strict' }, + }), + ], }); ``` +Use Mermaid's stricter security mode when diagram text can come from users. Only opt into looser Mermaid settings for fully trusted content. + ### Web Component ```html @@ -96,6 +110,8 @@ registerPreviewElement({ }); ``` +The web component renders trusted content by default, so sanitize user-provided markdown before passing it to the element. + ## API ### `blocksToHTML(blocks, options?)` @@ -130,7 +146,7 @@ interface PreviewOptions { classPrefix?: string; // CSS class prefix (default: 'cm-') theme?: string; // Theme name linkTarget?: '_blank' | '_self'; - sanitize?: boolean; // Sanitize HTML output + sanitize?: boolean | ((html: string) => string); plugins?: PreviewPlugin[]; // Plugins for enhanced rendering } ``` diff --git a/packages/preview/package.json b/packages/preview/package.json index 19d10db..acd933a 100644 --- a/packages/preview/package.json +++ b/packages/preview/package.json @@ -1,6 +1,6 @@ { "name": "@create-markdown/preview", - "version": "2.0.0", + "version": "2.0.1", "description": "Framework-agnostic HTML rendering for @create-markdown with syntax highlighting and diagrams", "author": "Val Alexander ", "license": "MIT", @@ -75,7 +75,8 @@ }, "devDependencies": { "typescript": "^5.3.0", - "vitest": "^2.1.0" + "vite": "^7.1.11", + "vitest": "^4.1.2" }, "peerDependencies": { "@create-markdown/core": ">=2.0.0", diff --git a/packages/preview/src/index.ts b/packages/preview/src/index.ts index a662488..e94a2c1 100644 --- a/packages/preview/src/index.ts +++ b/packages/preview/src/index.ts @@ -78,4 +78,4 @@ export type { Block, TextSpan, BlockType } from '@create-markdown/core'; // Package Info // ============================================================================ -export const VERSION = '2.0.0'; +export const VERSION = '2.0.1'; diff --git a/packages/react/CHANGELOG.md b/packages/react/CHANGELOG.md index 84cd62b..acca775 100644 --- a/packages/react/CHANGELOG.md +++ b/packages/react/CHANGELOG.md @@ -1,5 +1,18 @@ # @create-markdown/react +## 2.0.1 + +### Patch Changes + +- Patch release to publish the security remediation update across all packages. + + - refresh vulnerable dependency resolutions in the workspace + - ship the pnpm-based security audit improvements + - document trusted-content expectations for preview rendering + +- Updated dependencies + - @create-markdown/core@2.0.1 + ## 2.0.0 ### Major Changes diff --git a/packages/react/package.json b/packages/react/package.json index 41700bc..bdaa546 100644 --- a/packages/react/package.json +++ b/packages/react/package.json @@ -1,6 +1,6 @@ { "name": "@create-markdown/react", - "version": "2.0.0", + "version": "2.0.1", "description": "React components and hooks for @create-markdown", "author": "Val Alexander ", "license": "MIT", @@ -52,11 +52,13 @@ "devDependencies": { "@testing-library/react": "^16.0.0", "@types/react": "^18.2.0", + "@types/react-dom": "^18.3.7", "jsdom": "^25.0.0", "react": "^18.2.0", "react-dom": "^18.2.0", "typescript": "^5.3.0", - "vitest": "^2.1.0" + "vite": "^7.1.11", + "vitest": "^4.1.2" }, "peerDependencies": { "@create-markdown/core": ">=2.0.0", diff --git a/packages/react/src/index.ts b/packages/react/src/index.ts index b39e93b..5bb386c 100644 --- a/packages/react/src/index.ts +++ b/packages/react/src/index.ts @@ -71,4 +71,4 @@ export { /** * Package version */ -export const VERSION = '2.0.0'; +export const VERSION = '2.0.1'; diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 92098ee..d742b26 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -4,6 +4,9 @@ settings: autoInstallPeers: true excludeLinksFromLockfile: false +overrides: + lodash-es: 4.18.1 + importers: .: @@ -14,9 +17,6 @@ importers: '@testing-library/react': specifier: ^16.0.0 version: 16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) - '@vitejs/plugin-react': - specifier: ^4.3.0 - version: 4.7.0(vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0)) jsdom: specifier: ^25.0.0 version: 25.0.1 @@ -32,18 +32,24 @@ importers: typescript: specifier: ^5.3.0 version: 5.9.3 + vite: + specifier: ^7.1.11 + version: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) vitest: - specifier: ^2.1.0 - version: 2.1.9(@types/node@25.5.0)(jsdom@25.0.1)(lightningcss@1.32.0) + specifier: ^4.1.2 + version: 4.1.2(@types/node@25.5.0)(jsdom@25.0.1)(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) packages/core: devDependencies: typescript: specifier: ^5.3.0 version: 5.9.3 + vite: + specifier: ^7.1.11 + version: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) vitest: - specifier: ^2.1.0 - version: 2.1.9(@types/node@25.5.0)(jsdom@25.0.1)(lightningcss@1.32.0) + specifier: ^4.1.2 + version: 4.1.2(@types/node@25.5.0)(jsdom@25.0.1)(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) packages/create-markdown: dependencies: @@ -110,10 +116,10 @@ importers: version: 0.460.0(react@19.2.4) next: specifier: ^16.1.6 - version: 16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) + version: 16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4) next-mdx-remote: - specifier: ^5.0.0 - version: 5.0.0(@types/react@19.2.14)(react@19.2.4) + specifier: ^6.0.0 + version: 6.0.0(@types/react@19.2.14)(react@19.2.4) next-themes: specifier: ^0.4.0 version: 0.4.6(react-dom@19.2.4(react@19.2.4))(react@19.2.4) @@ -167,8 +173,8 @@ importers: packages/mdx: dependencies: '@create-markdown/core': - specifier: '>=0.2.0' - version: 0.2.0 + specifier: '>=2.0.0' + version: 2.0.0 devDependencies: '@types/node': specifier: ^20.0.0 @@ -176,15 +182,18 @@ importers: typescript: specifier: ^5.3.0 version: 5.9.3 + vite: + specifier: ^7.1.11 + version: 7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) vitest: - specifier: ^2.1.0 - version: 2.1.9(@types/node@20.19.37)(jsdom@25.0.1)(lightningcss@1.32.0) + specifier: ^4.1.2 + version: 4.1.2(@types/node@20.19.37)(jsdom@25.0.1)(vite@7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) packages/preview: dependencies: '@create-markdown/core': - specifier: '>=0.2.0' - version: 0.2.0 + specifier: '>=2.0.0' + version: 2.0.0 mermaid: specifier: '>=10.0.0' version: 11.13.0 @@ -195,22 +204,28 @@ importers: typescript: specifier: ^5.3.0 version: 5.9.3 + vite: + specifier: ^7.1.11 + version: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) vitest: - specifier: ^2.1.0 - version: 2.1.9(@types/node@25.5.0)(jsdom@25.0.1)(lightningcss@1.32.0) + specifier: ^4.1.2 + version: 4.1.2(@types/node@25.5.0)(jsdom@25.0.1)(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) packages/react: dependencies: '@create-markdown/core': - specifier: '>=0.2.0' - version: 0.2.0 + specifier: '>=2.0.0' + version: 2.0.0 devDependencies: '@testing-library/react': specifier: ^16.0.0 - version: 16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@19.2.3(@types/react@18.3.28))(@types/react@18.3.28)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) + version: 16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@18.3.7(@types/react@18.3.28))(@types/react@18.3.28)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) '@types/react': specifier: ^18.2.0 version: 18.3.28 + '@types/react-dom': + specifier: ^18.3.7 + version: 18.3.7(@types/react@18.3.28) jsdom: specifier: ^25.0.0 version: 25.0.1 @@ -223,9 +238,12 @@ importers: typescript: specifier: ^5.3.0 version: 5.9.3 + vite: + specifier: ^7.1.11 + version: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) vitest: - specifier: ^2.1.0 - version: 2.1.9(@types/node@25.5.0)(jsdom@25.0.1)(lightningcss@1.32.0) + specifier: ^4.1.2 + version: 4.1.2(@types/node@25.5.0)(jsdom@25.0.1)(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) playground: dependencies: @@ -246,10 +264,10 @@ importers: version: 3.2.2(react@19.2.4) '@vercel/analytics': specifier: ^1.6.1 - version: 1.6.1(next@16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(react@19.2.4) + version: 1.6.1(next@16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(react@19.2.4) next: specifier: ^16 - version: 16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) + version: 16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4) react: specifier: ^19 version: 19.2.4 @@ -292,89 +310,14 @@ packages: resolution: {integrity: sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==} engines: {node: '>=6.9.0'} - '@babel/compat-data@7.29.0': - resolution: {integrity: sha512-T1NCJqT/j9+cn8fvkt7jtwbLBfLC/1y1c7NtCeXFRgzGTsafi68MRv8yzkYSapBnFA6L3U2VSc02ciDzoAJhJg==} - engines: {node: '>=6.9.0'} - - '@babel/core@7.29.0': - resolution: {integrity: sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==} - engines: {node: '>=6.9.0'} - - '@babel/generator@7.29.1': - resolution: {integrity: sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-compilation-targets@7.28.6': - resolution: {integrity: sha512-JYtls3hqi15fcx5GaSNL7SCTJ2MNmjrkHXg4FSpOA/grxK8KwyZ5bubHsCq8FXCkua6xhuaaBit+3b7+VZRfcA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-globals@7.28.0': - resolution: {integrity: sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-module-imports@7.28.6': - resolution: {integrity: sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-module-transforms@7.28.6': - resolution: {integrity: sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-plugin-utils@7.28.6': - resolution: {integrity: sha512-S9gzZ/bz83GRysI7gAD4wPT/AI3uCnY+9xn+Mx/KPs2JwHJIz1W8PZkg2cqyt3RNOBM8ejcXhV6y8Og7ly/Dug==} - engines: {node: '>=6.9.0'} - - '@babel/helper-string-parser@7.27.1': - resolution: {integrity: sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==} - engines: {node: '>=6.9.0'} - '@babel/helper-validator-identifier@7.28.5': resolution: {integrity: sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==} engines: {node: '>=6.9.0'} - '@babel/helper-validator-option@7.27.1': - resolution: {integrity: sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==} - engines: {node: '>=6.9.0'} - - '@babel/helpers@7.29.2': - resolution: {integrity: sha512-HoGuUs4sCZNezVEKdVcwqmZN8GoHirLUcLaYVNBK2J0DadGtdcqgr3BCbvH8+XUo4NGjNl3VOtSjEKNzqfFgKw==} - engines: {node: '>=6.9.0'} - - '@babel/parser@7.29.2': - resolution: {integrity: sha512-4GgRzy/+fsBa72/RZVJmGKPmZu9Byn8o4MoLpmNe1m8ZfYnz5emHLQz3U4gLud6Zwl0RZIcgiLD7Uq7ySFuDLA==} - engines: {node: '>=6.0.0'} - hasBin: true - - '@babel/plugin-transform-react-jsx-self@7.27.1': - resolution: {integrity: sha512-6UzkCs+ejGdZ5mFFC/OCUrv028ab2fp1znZmCZjAOBKiBK2jXD1O+BPSfX8X2qjJ75fZBMSnQn3Rq2mrBJK2mw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-react-jsx-source@7.27.1': - resolution: {integrity: sha512-zbwoTsBruTeKB9hSq73ha66iFeJHuaFkUbwvqElnygoNbj/jHRsSeokowZFN3CZ64IvEqcmmkVe89OPXc7ldAw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - '@babel/runtime@7.29.2': resolution: {integrity: sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==} engines: {node: '>=6.9.0'} - '@babel/template@7.28.6': - resolution: {integrity: sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==} - engines: {node: '>=6.9.0'} - - '@babel/traverse@7.29.0': - resolution: {integrity: sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==} - engines: {node: '>=6.9.0'} - - '@babel/types@7.29.0': - resolution: {integrity: sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==} - engines: {node: '>=6.9.0'} - '@braintree/sanitize-url@7.1.2': resolution: {integrity: sha512-jigsZK+sMF/cuiB7sERuo9V7N9jx+dhmHHnQyDSVdpZwVutaBu7WvNYqMDLSgFgfB30n452TP3vjDAvFC973mA==} @@ -448,8 +391,8 @@ packages: '@chevrotain/utils@11.1.2': resolution: {integrity: sha512-4mudFAQ6H+MqBTfqLmU7G1ZwRzCLfJEooL/fsF6rCX5eePMbGhoy5n4g+G4vlh2muDcsCTJtL+uKbOzWxs5LHA==} - '@create-markdown/core@0.2.0': - resolution: {integrity: sha512-lCvQcIY+C+oyHbojZSxuEwgVjcrSgT0yU7VvRrx6g2dyC2kb/HHyakkcq15n6SjXUCgvhocxnXQURoROH/cKbA==} + '@create-markdown/core@2.0.0': + resolution: {integrity: sha512-xOmhoiDSa82EzjXp3aViQdB+xfCP4E2jEKxJiKJ702sup3p/CTCtL8fZBKQ3BvzASQRpq/xKCRXZZwRrg1DmZQ==} engines: {node: '>=20.0.0'} '@csstools/color-helpers@5.1.0': @@ -505,204 +448,102 @@ packages: '@emnapi/runtime@1.9.1': resolution: {integrity: sha512-VYi5+ZVLhpgK4hQ0TAjiQiZ6ol0oe4mBx7mVv7IflsiEp0OWoVsp/+f9Vc1hOhE0TtkORVrI1GvzyreqpgWtkA==} - '@esbuild/aix-ppc64@0.21.5': - resolution: {integrity: sha512-1SDgH6ZSPTlggy1yI6+Dbkiz8xzpHJEVAlF/AM1tHPLsf5STom9rwtjE4hKAF20FfXXNTFqEYXyJNWh1GiZedQ==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [aix] - '@esbuild/aix-ppc64@0.27.4': resolution: {integrity: sha512-cQPwL2mp2nSmHHJlCyoXgHGhbEPMrEEU5xhkcy3Hs/O7nGZqEpZ2sUtLaL9MORLtDfRvVl2/3PAuEkYZH0Ty8Q==} engines: {node: '>=18'} cpu: [ppc64] os: [aix] - '@esbuild/android-arm64@0.21.5': - resolution: {integrity: sha512-c0uX9VAUBQ7dTDCjq+wdyGLowMdtR/GoC2U5IYk/7D1H1JYC0qseD7+11iMP2mRLN9RcCMRcjC4YMclCzGwS/A==} - engines: {node: '>=12'} - cpu: [arm64] - os: [android] - '@esbuild/android-arm64@0.27.4': resolution: {integrity: sha512-gdLscB7v75wRfu7QSm/zg6Rx29VLdy9eTr2t44sfTW7CxwAtQghZ4ZnqHk3/ogz7xao0QAgrkradbBzcqFPasw==} engines: {node: '>=18'} cpu: [arm64] os: [android] - '@esbuild/android-arm@0.21.5': - resolution: {integrity: sha512-vCPvzSjpPHEi1siZdlvAlsPxXl7WbOVUBBAowWug4rJHb68Ox8KualB+1ocNvT5fjv6wpkX6o/iEpbDrf68zcg==} - engines: {node: '>=12'} - cpu: [arm] - os: [android] - '@esbuild/android-arm@0.27.4': resolution: {integrity: sha512-X9bUgvxiC8CHAGKYufLIHGXPJWnr0OCdR0anD2e21vdvgCI8lIfqFbnoeOz7lBjdrAGUhqLZLcQo6MLhTO2DKQ==} engines: {node: '>=18'} cpu: [arm] os: [android] - '@esbuild/android-x64@0.21.5': - resolution: {integrity: sha512-D7aPRUUNHRBwHxzxRvp856rjUHRFW1SdQATKXH2hqA0kAZb1hKmi02OpYRacl0TxIGz/ZmXWlbZgjwWYaCakTA==} - engines: {node: '>=12'} - cpu: [x64] - os: [android] - '@esbuild/android-x64@0.27.4': resolution: {integrity: sha512-PzPFnBNVF292sfpfhiyiXCGSn9HZg5BcAz+ivBuSsl6Rk4ga1oEXAamhOXRFyMcjwr2DVtm40G65N3GLeH1Lvw==} engines: {node: '>=18'} cpu: [x64] os: [android] - '@esbuild/darwin-arm64@0.21.5': - resolution: {integrity: sha512-DwqXqZyuk5AiWWf3UfLiRDJ5EDd49zg6O9wclZ7kUMv2WRFr4HKjXp/5t8JZ11QbQfUS6/cRCKGwYhtNAY88kQ==} - engines: {node: '>=12'} - cpu: [arm64] - os: [darwin] - '@esbuild/darwin-arm64@0.27.4': resolution: {integrity: sha512-b7xaGIwdJlht8ZFCvMkpDN6uiSmnxxK56N2GDTMYPr2/gzvfdQN8rTfBsvVKmIVY/X7EM+/hJKEIbbHs9oA4tQ==} engines: {node: '>=18'} cpu: [arm64] os: [darwin] - '@esbuild/darwin-x64@0.21.5': - resolution: {integrity: sha512-se/JjF8NlmKVG4kNIuyWMV/22ZaerB+qaSi5MdrXtd6R08kvs2qCN4C09miupktDitvh8jRFflwGFBQcxZRjbw==} - engines: {node: '>=12'} - cpu: [x64] - os: [darwin] - '@esbuild/darwin-x64@0.27.4': resolution: {integrity: sha512-sR+OiKLwd15nmCdqpXMnuJ9W2kpy0KigzqScqHI3Hqwr7IXxBp3Yva+yJwoqh7rE8V77tdoheRYataNKL4QrPw==} engines: {node: '>=18'} cpu: [x64] os: [darwin] - '@esbuild/freebsd-arm64@0.21.5': - resolution: {integrity: sha512-5JcRxxRDUJLX8JXp/wcBCy3pENnCgBR9bN6JsY4OmhfUtIHe3ZW0mawA7+RDAcMLrMIZaf03NlQiX9DGyB8h4g==} - engines: {node: '>=12'} - cpu: [arm64] - os: [freebsd] - '@esbuild/freebsd-arm64@0.27.4': resolution: {integrity: sha512-jnfpKe+p79tCnm4GVav68A7tUFeKQwQyLgESwEAUzyxk/TJr4QdGog9sqWNcUbr/bZt/O/HXouspuQDd9JxFSw==} engines: {node: '>=18'} cpu: [arm64] os: [freebsd] - '@esbuild/freebsd-x64@0.21.5': - resolution: {integrity: sha512-J95kNBj1zkbMXtHVH29bBriQygMXqoVQOQYA+ISs0/2l3T9/kj42ow2mpqerRBxDJnmkUDCaQT/dfNXWX/ZZCQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [freebsd] - '@esbuild/freebsd-x64@0.27.4': resolution: {integrity: sha512-2kb4ceA/CpfUrIcTUl1wrP/9ad9Atrp5J94Lq69w7UwOMolPIGrfLSvAKJp0RTvkPPyn6CIWrNy13kyLikZRZQ==} engines: {node: '>=18'} cpu: [x64] os: [freebsd] - '@esbuild/linux-arm64@0.21.5': - resolution: {integrity: sha512-ibKvmyYzKsBeX8d8I7MH/TMfWDXBF3db4qM6sy+7re0YXya+K1cem3on9XgdT2EQGMu4hQyZhan7TeQ8XkGp4Q==} - engines: {node: '>=12'} - cpu: [arm64] - os: [linux] - '@esbuild/linux-arm64@0.27.4': resolution: {integrity: sha512-7nQOttdzVGth1iz57kxg9uCz57dxQLHWxopL6mYuYthohPKEK0vU0C3O21CcBK6KDlkYVcnDXY099HcCDXd9dA==} engines: {node: '>=18'} cpu: [arm64] os: [linux] - '@esbuild/linux-arm@0.21.5': - resolution: {integrity: sha512-bPb5AHZtbeNGjCKVZ9UGqGwo8EUu4cLq68E95A53KlxAPRmUyYv2D6F0uUI65XisGOL1hBP5mTronbgo+0bFcA==} - engines: {node: '>=12'} - cpu: [arm] - os: [linux] - '@esbuild/linux-arm@0.27.4': resolution: {integrity: sha512-aBYgcIxX/wd5n2ys0yESGeYMGF+pv6g0DhZr3G1ZG4jMfruU9Tl1i2Z+Wnj9/KjGz1lTLCcorqE2viePZqj4Eg==} engines: {node: '>=18'} cpu: [arm] os: [linux] - '@esbuild/linux-ia32@0.21.5': - resolution: {integrity: sha512-YvjXDqLRqPDl2dvRODYmmhz4rPeVKYvppfGYKSNGdyZkA01046pLWyRKKI3ax8fbJoK5QbxblURkwK/MWY18Tg==} - engines: {node: '>=12'} - cpu: [ia32] - os: [linux] - '@esbuild/linux-ia32@0.27.4': resolution: {integrity: sha512-oPtixtAIzgvzYcKBQM/qZ3R+9TEUd1aNJQu0HhGyqtx6oS7qTpvjheIWBbes4+qu1bNlo2V4cbkISr8q6gRBFA==} engines: {node: '>=18'} cpu: [ia32] os: [linux] - '@esbuild/linux-loong64@0.21.5': - resolution: {integrity: sha512-uHf1BmMG8qEvzdrzAqg2SIG/02+4/DHB6a9Kbya0XDvwDEKCoC8ZRWI5JJvNdUjtciBGFQ5PuBlpEOXQj+JQSg==} - engines: {node: '>=12'} - cpu: [loong64] - os: [linux] - '@esbuild/linux-loong64@0.27.4': resolution: {integrity: sha512-8mL/vh8qeCoRcFH2nM8wm5uJP+ZcVYGGayMavi8GmRJjuI3g1v6Z7Ni0JJKAJW+m0EtUuARb6Lmp4hMjzCBWzA==} engines: {node: '>=18'} cpu: [loong64] os: [linux] - '@esbuild/linux-mips64el@0.21.5': - resolution: {integrity: sha512-IajOmO+KJK23bj52dFSNCMsz1QP1DqM6cwLUv3W1QwyxkyIWecfafnI555fvSGqEKwjMXVLokcV5ygHW5b3Jbg==} - engines: {node: '>=12'} - cpu: [mips64el] - os: [linux] - '@esbuild/linux-mips64el@0.27.4': resolution: {integrity: sha512-1RdrWFFiiLIW7LQq9Q2NES+HiD4NyT8Itj9AUeCl0IVCA459WnPhREKgwrpaIfTOe+/2rdntisegiPWn/r/aAw==} engines: {node: '>=18'} cpu: [mips64el] os: [linux] - '@esbuild/linux-ppc64@0.21.5': - resolution: {integrity: sha512-1hHV/Z4OEfMwpLO8rp7CvlhBDnjsC3CttJXIhBi+5Aj5r+MBvy4egg7wCbe//hSsT+RvDAG7s81tAvpL2XAE4w==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [linux] - '@esbuild/linux-ppc64@0.27.4': resolution: {integrity: sha512-tLCwNG47l3sd9lpfyx9LAGEGItCUeRCWeAx6x2Jmbav65nAwoPXfewtAdtbtit/pJFLUWOhpv0FpS6GQAmPrHA==} engines: {node: '>=18'} cpu: [ppc64] os: [linux] - '@esbuild/linux-riscv64@0.21.5': - resolution: {integrity: sha512-2HdXDMd9GMgTGrPWnJzP2ALSokE/0O5HhTUvWIbD3YdjME8JwvSCnNGBnTThKGEB91OZhzrJ4qIIxk/SBmyDDA==} - engines: {node: '>=12'} - cpu: [riscv64] - os: [linux] - '@esbuild/linux-riscv64@0.27.4': resolution: {integrity: sha512-BnASypppbUWyqjd1KIpU4AUBiIhVr6YlHx/cnPgqEkNoVOhHg+YiSVxM1RLfiy4t9cAulbRGTNCKOcqHrEQLIw==} engines: {node: '>=18'} cpu: [riscv64] os: [linux] - '@esbuild/linux-s390x@0.21.5': - resolution: {integrity: sha512-zus5sxzqBJD3eXxwvjN1yQkRepANgxE9lgOW2qLnmr8ikMTphkjgXu1HR01K4FJg8h1kEEDAqDcZQtbrRnB41A==} - engines: {node: '>=12'} - cpu: [s390x] - os: [linux] - '@esbuild/linux-s390x@0.27.4': resolution: {integrity: sha512-+eUqgb/Z7vxVLezG8bVB9SfBie89gMueS+I0xYh2tJdw3vqA/0ImZJ2ROeWwVJN59ihBeZ7Tu92dF/5dy5FttA==} engines: {node: '>=18'} cpu: [s390x] os: [linux] - '@esbuild/linux-x64@0.21.5': - resolution: {integrity: sha512-1rYdTpyv03iycF1+BhzrzQJCdOuAOtaqHTWJZCWvijKD2N5Xu0TtVC8/+1faWqcP9iBCWOmjmhoH94dH82BxPQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [linux] - '@esbuild/linux-x64@0.27.4': resolution: {integrity: sha512-S5qOXrKV8BQEzJPVxAwnryi2+Iq5pB40gTEIT69BQONqR7JH1EPIcQ/Uiv9mCnn05jff9umq/5nqzxlqTOg9NA==} engines: {node: '>=18'} @@ -715,12 +556,6 @@ packages: cpu: [arm64] os: [netbsd] - '@esbuild/netbsd-x64@0.21.5': - resolution: {integrity: sha512-Woi2MXzXjMULccIwMnLciyZH4nCIMpWQAs049KEeMvOcNADVxo0UBIQPfSmxB3CWKedngg7sWZdLvLczpe0tLg==} - engines: {node: '>=12'} - cpu: [x64] - os: [netbsd] - '@esbuild/netbsd-x64@0.27.4': resolution: {integrity: sha512-RugOvOdXfdyi5Tyv40kgQnI0byv66BFgAqjdgtAKqHoZTbTF2QqfQrFwa7cHEORJf6X2ht+l9ABLMP0dnKYsgg==} engines: {node: '>=18'} @@ -733,12 +568,6 @@ packages: cpu: [arm64] os: [openbsd] - '@esbuild/openbsd-x64@0.21.5': - resolution: {integrity: sha512-HLNNw99xsvx12lFBUwoT8EVCsSvRNDVxNpjZ7bPn947b8gJPzeHWyNVhFsaerc0n3TsbOINvRP2byTZ5LKezow==} - engines: {node: '>=12'} - cpu: [x64] - os: [openbsd] - '@esbuild/openbsd-x64@0.27.4': resolution: {integrity: sha512-u8fg/jQ5aQDfsnIV6+KwLOf1CmJnfu1ShpwqdwC0uA7ZPwFws55Ngc12vBdeUdnuWoQYx/SOQLGDcdlfXhYmXQ==} engines: {node: '>=18'} @@ -751,48 +580,24 @@ packages: cpu: [arm64] os: [openharmony] - '@esbuild/sunos-x64@0.21.5': - resolution: {integrity: sha512-6+gjmFpfy0BHU5Tpptkuh8+uw3mnrvgs+dSPQXQOv3ekbordwnzTVEb4qnIvQcYXq6gzkyTnoZ9dZG+D4garKg==} - engines: {node: '>=12'} - cpu: [x64] - os: [sunos] - '@esbuild/sunos-x64@0.27.4': resolution: {integrity: sha512-/gOzgaewZJfeJTlsWhvUEmUG4tWEY2Spp5M20INYRg2ZKl9QPO3QEEgPeRtLjEWSW8FilRNacPOg8R1uaYkA6g==} engines: {node: '>=18'} cpu: [x64] os: [sunos] - '@esbuild/win32-arm64@0.21.5': - resolution: {integrity: sha512-Z0gOTd75VvXqyq7nsl93zwahcTROgqvuAcYDUr+vOv8uHhNSKROyU961kgtCD1e95IqPKSQKH7tBTslnS3tA8A==} - engines: {node: '>=12'} - cpu: [arm64] - os: [win32] - '@esbuild/win32-arm64@0.27.4': resolution: {integrity: sha512-Z9SExBg2y32smoDQdf1HRwHRt6vAHLXcxD2uGgO/v2jK7Y718Ix4ndsbNMU/+1Qiem9OiOdaqitioZwxivhXYg==} engines: {node: '>=18'} cpu: [arm64] os: [win32] - '@esbuild/win32-ia32@0.21.5': - resolution: {integrity: sha512-SWXFF1CL2RVNMaVs+BBClwtfZSvDgtL//G/smwAc5oVK/UPu2Gu9tIaRgFmYFFKrmg3SyAjSrElf0TiJ1v8fYA==} - engines: {node: '>=12'} - cpu: [ia32] - os: [win32] - '@esbuild/win32-ia32@0.27.4': resolution: {integrity: sha512-DAyGLS0Jz5G5iixEbMHi5KdiApqHBWMGzTtMiJ72ZOLhbu/bzxgAe8Ue8CTS3n3HbIUHQz/L51yMdGMeoxXNJw==} engines: {node: '>=18'} cpu: [ia32] os: [win32] - '@esbuild/win32-x64@0.21.5': - resolution: {integrity: sha512-tQd/1efJuzPC6rCFwEvLtci/xNFcTZknmXs98FYDfGE4wP9ClFV98nyKrzJKVPMhdDnjzLhdUyMX4PsQAPjwIw==} - engines: {node: '>=12'} - cpu: [x64] - os: [win32] - '@esbuild/win32-x64@0.27.4': resolution: {integrity: sha512-+knoa0BDoeXgkNvvV1vvbZX4+hizelrkwmGJBdT17t8FNPwG2lKemmuMZlmaNQ3ws3DKKCxpb4zRZEIp3UxFCg==} engines: {node: '>=18'} @@ -1266,9 +1071,6 @@ packages: '@types/react': optional: true - '@rolldown/pluginutils@1.0.0-beta.27': - resolution: {integrity: sha512-+d0F4MKMCbeVUJwG96uQ4SgAznZNSq93I3V+9NHA4OpvqG8mRCpGdKmK8l/dl02h2CCDHwW2FqilnTyDcAnqjA==} - '@rollup/rollup-android-arm-eabi@4.60.0': resolution: {integrity: sha512-WOhNW9K8bR3kf4zLxbfg6Pxu2ybOUbB2AjMDHSQx86LIF4rH4Ft7vmMwNt0loO0eonglSNy4cpD3MKXXKQu0/A==} cpu: [arm] @@ -1415,6 +1217,9 @@ packages: '@shikijs/vscode-textmate@10.0.2': resolution: {integrity: sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==} + '@standard-schema/spec@1.1.0': + resolution: {integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==} + '@swc/helpers@0.5.15': resolution: {integrity: sha512-JQ5TuMi45Owi4/BIMAJBoSQoOJu12oOk/gADqlcUL9JEdHB8vyjUSsxqeNXnmXHjYKMi2WcYtezGEEhqUI/E2g==} @@ -1563,17 +1368,8 @@ packages: '@types/aria-query@5.0.4': resolution: {integrity: sha512-rfT93uj5s0PRL7EzccGMs3brplhcrghnDoV26NqKhCAS1hVo+WdNsPvE/yb6ilfr5hi2MEk6d5EWJTKdxg8jVw==} - '@types/babel__core@7.20.5': - resolution: {integrity: sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==} - - '@types/babel__generator@7.27.0': - resolution: {integrity: sha512-ufFd2Xi92OAVPYsy+P4n7/U7e68fex0+Ee8gSG9KX7eo084CWiQ4sdxktvdl0bOPupXtVJPY19zk6EwWqUQ8lg==} - - '@types/babel__template@7.4.4': - resolution: {integrity: sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==} - - '@types/babel__traverse@7.28.0': - resolution: {integrity: sha512-8PvcXf70gTDZBgt9ptxJ8elBeBjcLOAcOtoO/mPJjtji1+CdGbHgm77om1GrsPxsiE+uXIpNSK64UYaIwQXd4Q==} + '@types/chai@5.2.3': + resolution: {integrity: sha512-Mw558oeA9fFbv65/y4mHtXDs9bPnFMZAL/jxdPFUpOHHIXX91mcgEHbS5Lahr+pwZFR8A7GQleRWeI6cGFC2UA==} '@types/d3-array@3.2.2': resolution: {integrity: sha512-hOLWVbm7uRza0BYXpIIW5pxfrKe0W+D5lrFiAEYR+pb6w3N2SwSMaJbXdUfSEv+dT4MfHBLtn5js0LAWaO6otw==} @@ -1671,6 +1467,9 @@ packages: '@types/debug@4.1.13': resolution: {integrity: sha512-KSVgmQmzMwPlmtljOomayoR89W4FynCAi3E8PPs7vmDVPe84hT+vGPKkJfThkmXs0x0jAaa9U8uW8bbfyS2fWw==} + '@types/deep-eql@4.0.2': + resolution: {integrity: sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw==} + '@types/estree-jsx@1.0.5': resolution: {integrity: sha512-52CcUVNFyfb1A2ALocQw/Dd1BQFNmSdkuC3BkZ6iqhdMfQz7JWOFRuJFloOzjk+6WijU56m9oKXFAXc7o3Towg==} @@ -1704,6 +1503,11 @@ packages: '@types/prop-types@15.7.15': resolution: {integrity: sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw==} + '@types/react-dom@18.3.7': + resolution: {integrity: sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==} + peerDependencies: + '@types/react': ^18.0.0 + '@types/react-dom@19.2.3': resolution: {integrity: sha512-jp2L/eY6fn+KgVVQAOqYItbF0VY/YApe5Mz2F0aykSO8gx31bYCZyvSeYxCHKvzHG5eZjc+zyaS5BrBWya2+kQ==} peerDependencies: @@ -1756,40 +1560,34 @@ packages: vue-router: optional: true - '@vitejs/plugin-react@4.7.0': - resolution: {integrity: sha512-gUu9hwfWvvEDBBmgtAowQCojwZmJ5mcLn3aufeCsitijs3+f2NsrPtlAWIR6OPiqljl96GVCUbLe0HyqIpVaoA==} - engines: {node: ^14.18.0 || >=16.0.0} - peerDependencies: - vite: ^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 - - '@vitest/expect@2.1.9': - resolution: {integrity: sha512-UJCIkTBenHeKT1TTlKMJWy1laZewsRIzYighyYiJKZreqtdxSos/S1t+ktRMQWu2CKqaarrkeszJx1cgC5tGZw==} + '@vitest/expect@4.1.2': + resolution: {integrity: sha512-gbu+7B0YgUJ2nkdsRJrFFW6X7NTP44WlhiclHniUhxADQJH5Szt9mZ9hWnJPJ8YwOK5zUOSSlSvyzRf0u1DSBQ==} - '@vitest/mocker@2.1.9': - resolution: {integrity: sha512-tVL6uJgoUdi6icpxmdrn5YNo3g3Dxv+IHJBr0GXHaEdTcw3F+cPKnsXFhli6nO+f/6SDKPHEK1UN+k+TQv0Ehg==} + '@vitest/mocker@4.1.2': + resolution: {integrity: sha512-Ize4iQtEALHDttPRCmN+FKqOl2vxTiNUhzobQFFt/BM1lRUTG7zRCLOykG/6Vo4E4hnUdfVLo5/eqKPukcWW7Q==} peerDependencies: msw: ^2.4.9 - vite: ^5.0.0 + vite: ^6.0.0 || ^7.0.0 || ^8.0.0 peerDependenciesMeta: msw: optional: true vite: optional: true - '@vitest/pretty-format@2.1.9': - resolution: {integrity: sha512-KhRIdGV2U9HOUzxfiHmY8IFHTdqtOhIzCpd8WRdJiE7D/HUcZVD0EgQCVjm+Q9gkUXWgBvMmTtZgIG48wq7sOQ==} + '@vitest/pretty-format@4.1.2': + resolution: {integrity: sha512-dwQga8aejqeuB+TvXCMzSQemvV9hNEtDDpgUKDzOmNQayl2OG241PSWeJwKRH3CiC+sESrmoFd49rfnq7T4RnA==} - '@vitest/runner@2.1.9': - resolution: {integrity: sha512-ZXSSqTFIrzduD63btIfEyOmNcBmQvgOVsPNPe0jYtESiXkhd8u2erDLnMxmGrDCwHCCHE7hxwRDCT3pt0esT4g==} + '@vitest/runner@4.1.2': + resolution: {integrity: sha512-Gr+FQan34CdiYAwpGJmQG8PgkyFVmARK8/xSijia3eTFgVfpcpztWLuP6FttGNfPLJhaZVP/euvujeNYar36OQ==} - '@vitest/snapshot@2.1.9': - resolution: {integrity: sha512-oBO82rEjsxLNJincVhLhaxxZdEtV0EFHMK5Kmx5sJ6H9L183dHECjiefOAdnqpIgT5eZwT04PoggUnW88vOBNQ==} + '@vitest/snapshot@4.1.2': + resolution: {integrity: sha512-g7yfUmxYS4mNxk31qbOYsSt2F4m1E02LFqO53Xpzg3zKMhLAPZAjjfyl9e6z7HrW6LvUdTwAQR3HHfLjpko16A==} - '@vitest/spy@2.1.9': - resolution: {integrity: sha512-E1B35FwzXXTs9FHNK6bDszs7mtydNi5MIfUWpceJ8Xbfb1gBMscAnwLbEu+B44ed6W3XjL9/ehLPHR1fkf1KLQ==} + '@vitest/spy@4.1.2': + resolution: {integrity: sha512-DU4fBnbVCJGNBwVA6xSToNXrkZNSiw59H8tcuUspVMsBDBST4nfvsPsEHDHGtWRRnqBERBQu7TrTKskmjqTXKA==} - '@vitest/utils@2.1.9': - resolution: {integrity: sha512-v0psaMSkNJ3A2NMrUEHFRzJtDPFn+/VWZ5WxImB21T9fjucJRmS7xCS3ppEnARb9y11OAzaD+P2Ps+b+BGX5iQ==} + '@vitest/utils@4.1.2': + resolution: {integrity: sha512-xw2/TiX82lQHA06cgbqRKFb5lCAy3axQ4H4SoUFhUsg+wztiet+co86IAMDtF6Vm1hc7J6j09oh/rgDn+JdKIQ==} acorn-jsx@5.3.2: resolution: {integrity: sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==} @@ -1911,8 +1709,8 @@ packages: ccount@2.0.1: resolution: {integrity: sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg==} - chai@5.3.3: - resolution: {integrity: sha512-4zNhdJD/iOjSH0A05ea+Ke6MU5mmpQcbQsSOkgdaUMJ9zTlDTD/GYlwohmIE2u0gaxHYiVHEn1Fw9mZ/ktJWgw==} + chai@6.2.2: + resolution: {integrity: sha512-NUPRluOfOiTKBKvWPtSD4PhFvWCqOi0BGStNWs57X9js7XGTprSmFoz5F0tWhR4WPjNeR9jXqdC7/UpSJTnlRg==} engines: {node: '>=18'} character-entities-html4@2.1.0: @@ -1930,10 +1728,6 @@ packages: chardet@2.1.1: resolution: {integrity: sha512-PsezH1rqdV9VvyNhxxOW32/d75r01NY7TQCmOqomRo15ZSOKbpTFVsfjghxo6JloQUCGnH4k1LGu0R4yCLlWQQ==} - check-error@2.1.3: - resolution: {integrity: sha512-PAJdDJusoxnwm1VwW07VWwUN1sl7smmC3OKggvndJFadxxDRyFJBX/ggnu/KE4kQAB7a3Dp8f/YXC1FlUprWmA==} - engines: {node: '>= 16'} - chevrotain-allstar@0.3.1: resolution: {integrity: sha512-b7g+y9A0v4mxCW1qUhf3BSVPg+/NvGErk/dOkrDaHA0nQIQGAtrOjlX//9OQtRlSCy+x9rfB5N8yC71lH1nvMw==} peerDependencies: @@ -2198,10 +1992,6 @@ packages: decode-named-character-reference@1.3.0: resolution: {integrity: sha512-GtpQYB283KrPp6nRw50q3U9/VfOutZOe103qlN7BPP6Ad27xYnOIWv4lPzo8HCAL+mMZofJ9KEy30fq6MfaK6Q==} - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - delaunator@5.1.0: resolution: {integrity: sha512-AGrQ4QSgssa1NGmWmLPqN5NY2KajF5MqxetNEO+o0n3ZwZZeTmt7bBnvzHWrmkZFxGgr4HdyFgelzgi06otLuQ==} @@ -2270,8 +2060,8 @@ packages: resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} engines: {node: '>= 0.4'} - es-module-lexer@1.7.0: - resolution: {integrity: sha512-jEQoCwk8hyb2AZziIOLhDqpm5+2ww5uIE6lkO/6jcOCusfk6LhMHpXXfBLXTZ7Ydyt0j4VoUQv6uGNYbdW+kBA==} + es-module-lexer@2.0.0: + resolution: {integrity: sha512-5POEcUuZybH7IdmGsD8wlf0AI55wMecM9rVBTI/qEAy2c1kTOm3DjFYjrBdI2K3BaJjJYfYFeRtM0t9ssnRuxw==} es-object-atoms@1.1.1: resolution: {integrity: sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==} @@ -2287,11 +2077,6 @@ packages: esast-util-from-js@2.0.1: resolution: {integrity: sha512-8Ja+rNJ0Lt56Pcf3TAmpBZjmx8ZcK5Ts4cAzIOjsjevg9oSXJnl6SUQ2EevU8tv3h6ZLWmoKL5H4fgWvdvfETw==} - esbuild@0.21.5: - resolution: {integrity: sha512-mg3OPMV4hXywwpoDxu3Qda5xCKQi+vCTZq8S9J/EpkhB2HzKXq4SNFZE3+NK93JYxc8VMSep+lOUSC/RVKaBqw==} - engines: {node: '>=12'} - hasBin: true - esbuild@0.27.4: resolution: {integrity: sha512-Rq4vbHnYkK5fws5NF7MYTU68FPRE1ajX7heQ/8QXXWqNgqqJ/GkmmyxIzUnf2Sr/bakf8l54716CcMGHYhMrrQ==} engines: {node: '>=18'} @@ -2395,10 +2180,6 @@ packages: function-bind@1.1.2: resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - gensync@1.0.0-beta.2: - resolution: {integrity: sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==} - engines: {node: '>=6.9.0'} - get-intrinsic@1.3.0: resolution: {integrity: sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==} engines: {node: '>= 0.4'} @@ -2600,16 +2381,6 @@ packages: canvas: optional: true - jsesc@3.1.0: - resolution: {integrity: sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==} - engines: {node: '>=6'} - hasBin: true - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - jsonfile@4.0.0: resolution: {integrity: sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==} @@ -2719,8 +2490,8 @@ packages: resolution: {integrity: sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==} engines: {node: '>=8'} - lodash-es@4.17.23: - resolution: {integrity: sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==} + lodash-es@4.18.1: + resolution: {integrity: sha512-J8xewKD/Gk22OZbhpOVSwcs60zhd95ESDwezOFuA3/099925PdHJ7OFHNTGtajL3AlZkykD32HykiMo+BIBI8A==} lodash.startcase@4.4.0: resolution: {integrity: sha512-+WKqsK294HMSc2jEbNgpHpd0JfIBhp7rEV4aqXWqFr6AlXov+SlcgB1Fv01y2kGe3Gc8nMW7VA0SrGuSkRfIEg==} @@ -2732,15 +2503,9 @@ packages: resolution: {integrity: sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==} hasBin: true - loupe@3.2.1: - resolution: {integrity: sha512-CdzqowRJCeLU72bHvWqwRBBlLcMEtIvGrlvef74kMnV2AolS9Y8xUv1I0U/MNAWMhBlKIoyuEgoJ0t/bbwHbLQ==} - lru-cache@10.4.3: resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - lru-cache@5.1.1: - resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==} - lucide-react@0.460.0: resolution: {integrity: sha512-BVtq/DykVeIvRTJvRAgCsOwaGL8Un3Bxh8MbDxMhEWlZay3T4IpEKDEpwt5KZ0KJMHzgm6jrltxlT5eXOWXDHg==} peerDependencies: @@ -2959,8 +2724,8 @@ packages: engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} hasBin: true - next-mdx-remote@5.0.0: - resolution: {integrity: sha512-RNNbqRpK9/dcIFZs/esQhuLA8jANqlH694yqoDBK8hkVdJUndzzGmnPHa2nyi90N4Z9VmzuSWNRpr5ItT3M7xQ==} + next-mdx-remote@6.0.0: + resolution: {integrity: sha512-cJEpEZlgD6xGjB4jL8BnI8FaYdN9BzZM4NwadPe1YQr7pqoWjg9EBCMv3nXBkuHqMRfv2y33SzUsuyNh9LFAQQ==} engines: {node: '>=14', npm: '>=7'} peerDependencies: react: '>=16' @@ -3010,6 +2775,9 @@ packages: resolution: {integrity: sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==} engines: {node: '>= 6'} + obug@2.1.1: + resolution: {integrity: sha512-uTqF9MuPraAQ+IsnPf366RG4cP9RtUi7MLO1N3KEc+wb0a6yKpeL0lmk2IB1jY5KHPAlTc6T/JRdC/YqxHNwkQ==} + oniguruma-parser@0.12.1: resolution: {integrity: sha512-8Unqkvk1RYc6yq2WBYRj4hdnsAxVze8i7iPfQr8e4uSP3tRv0rpZcbGUDvxfQQcdwHt/e9PrMvGCsa8OqG9X3w==} @@ -3069,16 +2837,9 @@ packages: resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} engines: {node: '>=8'} - pathe@1.1.2: - resolution: {integrity: sha512-whLdWMYL2TwI08hn8/ZqAbrVemu0LNaNNJZX73O6qaIdCTfXutsLhMkjdENX0qhsQ9uIimo4/aQOmXkoon2nDQ==} - pathe@2.0.3: resolution: {integrity: sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==} - pathval@2.0.1: - resolution: {integrity: sha512-//nshmD55c46FuFw26xV/xFAaB5HF9Xdap7HJBBnrKdAd6/GxDBaNA1870O79+9ueg61cZLSVc+OaFlfmObYVQ==} - engines: {node: '>= 14.16'} - picocolors@1.1.1: resolution: {integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==} @@ -3201,10 +2962,6 @@ packages: react-is@17.0.2: resolution: {integrity: sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==} - react-refresh@0.17.0: - resolution: {integrity: sha512-z6F7K9bV85EfseRCp2bzrpyQ0Gkw1uLoCel9XBVWPg/TjRj94SkJzUTGfOa4bs7iJvBWtQG0Wq7wnI0syw3EBQ==} - engines: {node: '>=0.10.0'} - react-remove-scroll-bar@2.3.8: resolution: {integrity: sha512-9r+yi9+mgU33AKcj6IbT9oRCO78WriSj6t/cF8DWBZJ9aOGPOTEDvdUDz1FwKim7QXWwmHqtdHnRJfhAxEG46Q==} engines: {node: '>=10'} @@ -3358,10 +3115,6 @@ packages: resolution: {integrity: sha512-vfD3pmTzGpufjScBh50YHKzEu2lxBWhVEHsNGoEXmCmn2hKGfeNLYMzCJpe8cD7gqX7TJluOVpBkAequ6dgMmA==} engines: {node: '>=4'} - semver@6.3.1: - resolution: {integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==} - hasBin: true - semver@7.7.4: resolution: {integrity: sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==} engines: {node: '>=10'} @@ -3413,8 +3166,8 @@ packages: stackback@0.0.2: resolution: {integrity: sha512-1XMJE5fQo1jGH6Y/7ebnwPOBEkIEnT4QF32d5R1+VXdXveM0IBMJt8zfaxX1P3QhVwrYe+576+jkANtSS2mBbw==} - std-env@3.10.0: - resolution: {integrity: sha512-5GS12FdOZNliM5mAOxFRg7Ir0pWz8MdpYm6AY6VPkGpbA7ZzmbzNcBJQ0GPvvyWgcY7QAhCgf9Uy89I03faLkg==} + std-env@4.0.0: + resolution: {integrity: sha512-zUMPtQ/HBY3/50VbpkupYHbRroTRZJPRLvreamgErJVys0ceuzMkD44J/QjqhHjOzK42GQ3QZIeFG1OYfOtKqQ==} stringify-entities@4.0.4: resolution: {integrity: sha512-IwfBptatlO+QCJUo19AqvrPNqlVMpW9YEL2LIVY+Rpv2qsjCGxaDLNRgeGsQWJhfItebuJhsGSLjaBbNSQ+ieg==} @@ -3508,16 +3261,8 @@ packages: resolution: {integrity: sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==} engines: {node: '>=12.0.0'} - tinypool@1.1.1: - resolution: {integrity: sha512-Zba82s87IFq9A9XmjiX5uZA/ARWDrB03OHlq+Vw1fSdt0I+4/Kutwy8BP4Y/y/aORMo61FQ0vIb5j44vSo5Pkg==} - engines: {node: ^18.0.0 || >=20.0.0} - - tinyrainbow@1.2.0: - resolution: {integrity: sha512-weEDEq7Z5eTHPDh4xjX789+fHfF+P8boiFB+0vbWzpbnbsEr/GRaohi/uMKxg8RZMXnl1ItAi/IUHWMsjDV7kQ==} - engines: {node: '>=14.0.0'} - - tinyspy@3.0.2: - resolution: {integrity: sha512-n1cw8k1k0x4pgA2+9XrOkFydTerNcJ1zWCO5Nn9scWHTD+5tp8dghT2x1uduQePZTZgd3Tupf+x9BxJjeJi77Q==} + tinyrainbow@3.1.0: + resolution: {integrity: sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==} engines: {node: '>=14.0.0'} tldts-core@6.1.86: @@ -3604,9 +3349,6 @@ packages: unified@11.0.5: resolution: {integrity: sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA==} - unist-util-is@5.2.1: - resolution: {integrity: sha512-u9njyyfEh43npf1M+yGKDGVPbY/JWEemg5nH05ncKPfi+kBbKBJoTdsogMu33uhytuLlv9y0O7GH7fEdwLdLQw==} - unist-util-is@6.0.1: resolution: {integrity: sha512-LsiILbtBETkDz8I9p1dQ0uyRUWuaQzd/cuEeS1hoRSyW5E5XGmTzlwY1OrNzzakGowI9Dr/I8HVaw4hTtnxy8g==} @@ -3616,15 +3358,12 @@ packages: unist-util-position@5.0.0: resolution: {integrity: sha512-fucsC7HjXvkB5R3kTCO7kUjRdrS0BJt3M/FPxmHMBOm8JQi2BsHAHFsy27E0EolP8rp0NzXsJ+jNPyDWvOJZPA==} - unist-util-remove@3.1.1: - resolution: {integrity: sha512-kfCqZK5YVY5yEa89tvpl7KnBBHu2c6CzMkqHUrlOqaRgGOMp0sMvwWOVrbAtj03KhovQB7i96Gda72v/EFE0vw==} + unist-util-remove@4.0.0: + resolution: {integrity: sha512-b4gokeGId57UVRX/eVKej5gXqGlc9+trkORhFJpu9raqZkZhU0zm8Doi05+HaiBsMEIJowL+2WtQ5ItjsngPXg==} unist-util-stringify-position@4.0.0: resolution: {integrity: sha512-0ASV06AAoKCDkS2+xw5RXJywruurpbC4JZSm7nr7MOt1ojAzvyyaO+UxZf18j8FCF6kmzCZKcAgN/yu2gm2XgQ==} - unist-util-visit-parents@5.1.3: - resolution: {integrity: sha512-x6+y8g7wWMyQhL1iZfhIPhDAs7Xwbn9nRosDXl7qoPTSCy0yNxnKc+hWokFifWQIDGi154rdUqKvbCa4+1kLhg==} - unist-util-visit-parents@6.0.2: resolution: {integrity: sha512-goh1s1TBrqSqukSc8wrjwWhL0hiJxgA8m4kFxGlQ+8FYQ3C/m11FcTs4YYem7V664AhHVvgoQLk890Ssdsr2IQ==} @@ -3677,27 +3416,27 @@ packages: vfile@6.0.3: resolution: {integrity: sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q==} - vite-node@2.1.9: - resolution: {integrity: sha512-AM9aQ/IPrW/6ENLQg3AGY4K1N2TGZdR5e4gu/MmmR2xR3Ll1+dib+nook92g4TV3PXVyeyxdWwtaCAiUL0hMxA==} - engines: {node: ^18.0.0 || >=20.0.0} - hasBin: true - - vite@5.4.21: - resolution: {integrity: sha512-o5a9xKjbtuhY6Bi5S3+HvbRERmouabWbyUcpXXUA1u+GNUKoROi9byOJ8M0nHbHYHkYICiMlqxkg1KkYmm25Sw==} - engines: {node: ^18.0.0 || >=20.0.0} + vite@7.3.1: + resolution: {integrity: sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==} + engines: {node: ^20.19.0 || >=22.12.0} hasBin: true peerDependencies: - '@types/node': ^18.0.0 || >=20.0.0 - less: '*' + '@types/node': ^20.19.0 || >=22.12.0 + jiti: '>=1.21.0' + less: ^4.0.0 lightningcss: ^1.21.0 - sass: '*' - sass-embedded: '*' - stylus: '*' - sugarss: '*' - terser: ^5.4.0 + sass: ^1.70.0 + sass-embedded: ^1.70.0 + stylus: '>=0.54.8' + sugarss: ^5.0.0 + terser: ^5.16.0 + tsx: ^4.8.1 + yaml: ^2.4.2 peerDependenciesMeta: '@types/node': optional: true + jiti: + optional: true less: optional: true lightningcss: @@ -3712,24 +3451,38 @@ packages: optional: true terser: optional: true + tsx: + optional: true + yaml: + optional: true - vitest@2.1.9: - resolution: {integrity: sha512-MSmPM9REYqDGBI8439mA4mWhV5sKmDlBKWIYbA3lRb2PTHACE0mgKwA8yQ2xq9vxDTuk4iPrECBAEW2aoFXY0Q==} - engines: {node: ^18.0.0 || >=20.0.0} + vitest@4.1.2: + resolution: {integrity: sha512-xjR1dMTVHlFLh98JE3i/f/WePqJsah4A0FK9cc8Ehp9Udk0AZk6ccpIZhh1qJ/yxVWRZ+Q54ocnD8TXmkhspGg==} + engines: {node: ^20.0.0 || ^22.0.0 || >=24.0.0} hasBin: true peerDependencies: '@edge-runtime/vm': '*' - '@types/node': ^18.0.0 || >=20.0.0 - '@vitest/browser': 2.1.9 - '@vitest/ui': 2.1.9 + '@opentelemetry/api': ^1.9.0 + '@types/node': ^20.0.0 || ^22.0.0 || >=24.0.0 + '@vitest/browser-playwright': 4.1.2 + '@vitest/browser-preview': 4.1.2 + '@vitest/browser-webdriverio': 4.1.2 + '@vitest/ui': 4.1.2 happy-dom: '*' jsdom: '*' + vite: ^6.0.0 || ^7.0.0 || ^8.0.0 peerDependenciesMeta: '@edge-runtime/vm': optional: true + '@opentelemetry/api': + optional: true '@types/node': optional: true - '@vitest/browser': + '@vitest/browser-playwright': + optional: true + '@vitest/browser-preview': + optional: true + '@vitest/browser-webdriverio': optional: true '@vitest/ui': optional: true @@ -3808,9 +3561,6 @@ packages: xmlchars@2.2.0: resolution: {integrity: sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==} - yallist@3.1.1: - resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} - yaml@2.8.3: resolution: {integrity: sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==} engines: {node: '>= 14.6'} @@ -3842,114 +3592,10 @@ snapshots: js-tokens: 4.0.0 picocolors: 1.1.1 - '@babel/compat-data@7.29.0': {} - - '@babel/core@7.29.0': - dependencies: - '@babel/code-frame': 7.29.0 - '@babel/generator': 7.29.1 - '@babel/helper-compilation-targets': 7.28.6 - '@babel/helper-module-transforms': 7.28.6(@babel/core@7.29.0) - '@babel/helpers': 7.29.2 - '@babel/parser': 7.29.2 - '@babel/template': 7.28.6 - '@babel/traverse': 7.29.0 - '@babel/types': 7.29.0 - '@jridgewell/remapping': 2.3.5 - convert-source-map: 2.0.0 - debug: 4.4.3 - gensync: 1.0.0-beta.2 - json5: 2.2.3 - semver: 6.3.1 - transitivePeerDependencies: - - supports-color - - '@babel/generator@7.29.1': - dependencies: - '@babel/parser': 7.29.2 - '@babel/types': 7.29.0 - '@jridgewell/gen-mapping': 0.3.13 - '@jridgewell/trace-mapping': 0.3.31 - jsesc: 3.1.0 - - '@babel/helper-compilation-targets@7.28.6': - dependencies: - '@babel/compat-data': 7.29.0 - '@babel/helper-validator-option': 7.27.1 - browserslist: 4.28.1 - lru-cache: 5.1.1 - semver: 6.3.1 - - '@babel/helper-globals@7.28.0': {} - - '@babel/helper-module-imports@7.28.6': - dependencies: - '@babel/traverse': 7.29.0 - '@babel/types': 7.29.0 - transitivePeerDependencies: - - supports-color - - '@babel/helper-module-transforms@7.28.6(@babel/core@7.29.0)': - dependencies: - '@babel/core': 7.29.0 - '@babel/helper-module-imports': 7.28.6 - '@babel/helper-validator-identifier': 7.28.5 - '@babel/traverse': 7.29.0 - transitivePeerDependencies: - - supports-color - - '@babel/helper-plugin-utils@7.28.6': {} - - '@babel/helper-string-parser@7.27.1': {} - '@babel/helper-validator-identifier@7.28.5': {} - '@babel/helper-validator-option@7.27.1': {} - - '@babel/helpers@7.29.2': - dependencies: - '@babel/template': 7.28.6 - '@babel/types': 7.29.0 - - '@babel/parser@7.29.2': - dependencies: - '@babel/types': 7.29.0 - - '@babel/plugin-transform-react-jsx-self@7.27.1(@babel/core@7.29.0)': - dependencies: - '@babel/core': 7.29.0 - '@babel/helper-plugin-utils': 7.28.6 - - '@babel/plugin-transform-react-jsx-source@7.27.1(@babel/core@7.29.0)': - dependencies: - '@babel/core': 7.29.0 - '@babel/helper-plugin-utils': 7.28.6 - '@babel/runtime@7.29.2': {} - '@babel/template@7.28.6': - dependencies: - '@babel/code-frame': 7.29.0 - '@babel/parser': 7.29.2 - '@babel/types': 7.29.0 - - '@babel/traverse@7.29.0': - dependencies: - '@babel/code-frame': 7.29.0 - '@babel/generator': 7.29.1 - '@babel/helper-globals': 7.28.0 - '@babel/parser': 7.29.2 - '@babel/template': 7.28.6 - '@babel/types': 7.29.0 - debug: 4.4.3 - transitivePeerDependencies: - - supports-color - - '@babel/types@7.29.0': - dependencies: - '@babel/helper-string-parser': 7.27.1 - '@babel/helper-validator-identifier': 7.28.5 - '@braintree/sanitize-url@7.1.2': {} '@changesets/apply-release-plan@7.1.0': @@ -4099,12 +3745,12 @@ snapshots: dependencies: '@chevrotain/gast': 11.1.2 '@chevrotain/types': 11.1.2 - lodash-es: 4.17.23 + lodash-es: 4.18.1 '@chevrotain/gast@11.1.2': dependencies: '@chevrotain/types': 11.1.2 - lodash-es: 4.17.23 + lodash-es: 4.18.1 '@chevrotain/regexp-to-ast@11.1.2': {} @@ -4112,7 +3758,7 @@ snapshots: '@chevrotain/utils@11.1.2': {} - '@create-markdown/core@0.2.0': {} + '@create-markdown/core@2.0.0': {} '@csstools/color-helpers@5.1.0': {} @@ -4164,150 +3810,81 @@ snapshots: tslib: 2.8.1 optional: true - '@esbuild/aix-ppc64@0.21.5': - optional: true - '@esbuild/aix-ppc64@0.27.4': optional: true - '@esbuild/android-arm64@0.21.5': - optional: true - '@esbuild/android-arm64@0.27.4': optional: true - '@esbuild/android-arm@0.21.5': - optional: true - '@esbuild/android-arm@0.27.4': optional: true - '@esbuild/android-x64@0.21.5': - optional: true - '@esbuild/android-x64@0.27.4': optional: true - '@esbuild/darwin-arm64@0.21.5': - optional: true - '@esbuild/darwin-arm64@0.27.4': optional: true - '@esbuild/darwin-x64@0.21.5': - optional: true - '@esbuild/darwin-x64@0.27.4': optional: true - '@esbuild/freebsd-arm64@0.21.5': - optional: true - '@esbuild/freebsd-arm64@0.27.4': optional: true - '@esbuild/freebsd-x64@0.21.5': - optional: true - '@esbuild/freebsd-x64@0.27.4': optional: true - '@esbuild/linux-arm64@0.21.5': - optional: true - '@esbuild/linux-arm64@0.27.4': optional: true - '@esbuild/linux-arm@0.21.5': - optional: true - '@esbuild/linux-arm@0.27.4': optional: true - '@esbuild/linux-ia32@0.21.5': - optional: true - '@esbuild/linux-ia32@0.27.4': optional: true - '@esbuild/linux-loong64@0.21.5': - optional: true - '@esbuild/linux-loong64@0.27.4': optional: true - '@esbuild/linux-mips64el@0.21.5': - optional: true - '@esbuild/linux-mips64el@0.27.4': optional: true - '@esbuild/linux-ppc64@0.21.5': - optional: true - '@esbuild/linux-ppc64@0.27.4': optional: true - '@esbuild/linux-riscv64@0.21.5': - optional: true - '@esbuild/linux-riscv64@0.27.4': optional: true - '@esbuild/linux-s390x@0.21.5': - optional: true - '@esbuild/linux-s390x@0.27.4': optional: true - '@esbuild/linux-x64@0.21.5': - optional: true - '@esbuild/linux-x64@0.27.4': optional: true '@esbuild/netbsd-arm64@0.27.4': optional: true - '@esbuild/netbsd-x64@0.21.5': - optional: true - '@esbuild/netbsd-x64@0.27.4': optional: true '@esbuild/openbsd-arm64@0.27.4': optional: true - '@esbuild/openbsd-x64@0.21.5': - optional: true - '@esbuild/openbsd-x64@0.27.4': optional: true '@esbuild/openharmony-arm64@0.27.4': optional: true - '@esbuild/sunos-x64@0.21.5': - optional: true - '@esbuild/sunos-x64@0.27.4': optional: true - '@esbuild/win32-arm64@0.21.5': - optional: true - '@esbuild/win32-arm64@0.27.4': optional: true - '@esbuild/win32-ia32@0.21.5': - optional: true - '@esbuild/win32-ia32@0.27.4': optional: true - '@esbuild/win32-x64@0.21.5': - optional: true - '@esbuild/win32-x64@0.27.4': optional: true @@ -4720,8 +4297,6 @@ snapshots: optionalDependencies: '@types/react': 19.2.14 - '@rolldown/pluginutils@1.0.0-beta.27': {} - '@rollup/rollup-android-arm-eabi@4.60.0': optional: true @@ -4830,6 +4405,8 @@ snapshots: '@shikijs/vscode-textmate@10.0.2': {} + '@standard-schema/spec@1.1.0': {} + '@swc/helpers@0.5.15': dependencies: tslib: 2.8.1 @@ -4919,7 +4496,7 @@ snapshots: picocolors: 1.1.1 pretty-format: 27.5.1 - '@testing-library/react@16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@19.2.3(@types/react@18.3.28))(@types/react@18.3.28)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': + '@testing-library/react@16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@18.3.7(@types/react@18.3.28))(@types/react@18.3.28)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': dependencies: '@babel/runtime': 7.29.2 '@testing-library/dom': 10.4.1 @@ -4927,7 +4504,7 @@ snapshots: react-dom: 18.3.1(react@18.3.1) optionalDependencies: '@types/react': 18.3.28 - '@types/react-dom': 19.2.3(@types/react@18.3.28) + '@types/react-dom': 18.3.7(@types/react@18.3.28) '@testing-library/react@16.3.2(@testing-library/dom@10.4.1)(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)': dependencies: @@ -4959,26 +4536,10 @@ snapshots: '@types/aria-query@5.0.4': {} - '@types/babel__core@7.20.5': - dependencies: - '@babel/parser': 7.29.2 - '@babel/types': 7.29.0 - '@types/babel__generator': 7.27.0 - '@types/babel__template': 7.4.4 - '@types/babel__traverse': 7.28.0 - - '@types/babel__generator@7.27.0': - dependencies: - '@babel/types': 7.29.0 - - '@types/babel__template@7.4.4': + '@types/chai@5.2.3': dependencies: - '@babel/parser': 7.29.2 - '@babel/types': 7.29.0 - - '@types/babel__traverse@7.28.0': - dependencies: - '@babel/types': 7.29.0 + '@types/deep-eql': 4.0.2 + assertion-error: 2.0.1 '@types/d3-array@3.2.2': {} @@ -5101,6 +4662,8 @@ snapshots: dependencies: '@types/ms': 2.1.0 + '@types/deep-eql@4.0.2': {} + '@types/estree-jsx@1.0.5': dependencies: '@types/estree': 1.0.8 @@ -5133,10 +4696,9 @@ snapshots: '@types/prop-types@15.7.15': {} - '@types/react-dom@19.2.3(@types/react@18.3.28)': + '@types/react-dom@18.3.7(@types/react@18.3.28)': dependencies: '@types/react': 18.3.28 - optional: true '@types/react-dom@19.2.3(@types/react@19.2.14)': dependencies: @@ -5165,62 +4727,59 @@ snapshots: d3-selection: 3.0.0 d3-transition: 3.0.1(d3-selection@3.0.0) - '@vercel/analytics@1.6.1(next@16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(react@19.2.4)': + '@vercel/analytics@1.6.1(next@16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(react@19.2.4)': optionalDependencies: - next: 16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) + next: 16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4) react: 19.2.4 - '@vitejs/plugin-react@4.7.0(vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0))': + '@vitest/expect@4.1.2': dependencies: - '@babel/core': 7.29.0 - '@babel/plugin-transform-react-jsx-self': 7.27.1(@babel/core@7.29.0) - '@babel/plugin-transform-react-jsx-source': 7.27.1(@babel/core@7.29.0) - '@rolldown/pluginutils': 1.0.0-beta.27 - '@types/babel__core': 7.20.5 - react-refresh: 0.17.0 - vite: 5.4.21(@types/node@25.5.0)(lightningcss@1.32.0) - transitivePeerDependencies: - - supports-color + '@standard-schema/spec': 1.1.0 + '@types/chai': 5.2.3 + '@vitest/spy': 4.1.2 + '@vitest/utils': 4.1.2 + chai: 6.2.2 + tinyrainbow: 3.1.0 - '@vitest/expect@2.1.9': + '@vitest/mocker@4.1.2(vite@7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3))': dependencies: - '@vitest/spy': 2.1.9 - '@vitest/utils': 2.1.9 - chai: 5.3.3 - tinyrainbow: 1.2.0 + '@vitest/spy': 4.1.2 + estree-walker: 3.0.3 + magic-string: 0.30.21 + optionalDependencies: + vite: 7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) - '@vitest/mocker@2.1.9(vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0))': + '@vitest/mocker@4.1.2(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3))': dependencies: - '@vitest/spy': 2.1.9 + '@vitest/spy': 4.1.2 estree-walker: 3.0.3 magic-string: 0.30.21 optionalDependencies: - vite: 5.4.21(@types/node@25.5.0)(lightningcss@1.32.0) + vite: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) - '@vitest/pretty-format@2.1.9': + '@vitest/pretty-format@4.1.2': dependencies: - tinyrainbow: 1.2.0 + tinyrainbow: 3.1.0 - '@vitest/runner@2.1.9': + '@vitest/runner@4.1.2': dependencies: - '@vitest/utils': 2.1.9 - pathe: 1.1.2 + '@vitest/utils': 4.1.2 + pathe: 2.0.3 - '@vitest/snapshot@2.1.9': + '@vitest/snapshot@4.1.2': dependencies: - '@vitest/pretty-format': 2.1.9 + '@vitest/pretty-format': 4.1.2 + '@vitest/utils': 4.1.2 magic-string: 0.30.21 - pathe: 1.1.2 + pathe: 2.0.3 - '@vitest/spy@2.1.9': - dependencies: - tinyspy: 3.0.2 + '@vitest/spy@4.1.2': {} - '@vitest/utils@2.1.9': + '@vitest/utils@4.1.2': dependencies: - '@vitest/pretty-format': 2.1.9 - loupe: 3.2.1 - tinyrainbow: 1.2.0 + '@vitest/pretty-format': 4.1.2 + convert-source-map: 2.0.0 + tinyrainbow: 3.1.0 acorn-jsx@5.3.2(acorn@8.16.0): dependencies: @@ -5316,13 +4875,7 @@ snapshots: ccount@2.0.1: {} - chai@5.3.3: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.3 - deep-eql: 5.0.2 - loupe: 3.2.1 - pathval: 2.0.1 + chai@6.2.2: {} character-entities-html4@2.1.0: {} @@ -5334,12 +4887,10 @@ snapshots: chardet@2.1.1: {} - check-error@2.1.3: {} - chevrotain-allstar@0.3.1(chevrotain@11.1.2): dependencies: chevrotain: 11.1.2 - lodash-es: 4.17.23 + lodash-es: 4.18.1 chevrotain@11.1.2: dependencies: @@ -5348,7 +4899,7 @@ snapshots: '@chevrotain/regexp-to-ast': 11.1.2 '@chevrotain/types': 11.1.2 '@chevrotain/utils': 11.1.2 - lodash-es: 4.17.23 + lodash-es: 4.18.1 chokidar@3.6.0: dependencies: @@ -5611,7 +5162,7 @@ snapshots: dagre-d3-es@7.0.14: dependencies: d3: 7.9.0 - lodash-es: 4.17.23 + lodash-es: 4.18.1 data-urls@5.0.0: dependencies: @@ -5630,8 +5181,6 @@ snapshots: dependencies: character-entities: 2.0.2 - deep-eql@5.0.2: {} - delaunator@5.1.0: dependencies: robust-predicates: 3.0.3 @@ -5688,7 +5237,7 @@ snapshots: es-errors@1.3.0: {} - es-module-lexer@1.7.0: {} + es-module-lexer@2.0.0: {} es-object-atoms@1.1.1: dependencies: @@ -5715,32 +5264,6 @@ snapshots: esast-util-from-estree: 2.0.0 vfile-message: 4.0.3 - esbuild@0.21.5: - optionalDependencies: - '@esbuild/aix-ppc64': 0.21.5 - '@esbuild/android-arm': 0.21.5 - '@esbuild/android-arm64': 0.21.5 - '@esbuild/android-x64': 0.21.5 - '@esbuild/darwin-arm64': 0.21.5 - '@esbuild/darwin-x64': 0.21.5 - '@esbuild/freebsd-arm64': 0.21.5 - '@esbuild/freebsd-x64': 0.21.5 - '@esbuild/linux-arm': 0.21.5 - '@esbuild/linux-arm64': 0.21.5 - '@esbuild/linux-ia32': 0.21.5 - '@esbuild/linux-loong64': 0.21.5 - '@esbuild/linux-mips64el': 0.21.5 - '@esbuild/linux-ppc64': 0.21.5 - '@esbuild/linux-riscv64': 0.21.5 - '@esbuild/linux-s390x': 0.21.5 - '@esbuild/linux-x64': 0.21.5 - '@esbuild/netbsd-x64': 0.21.5 - '@esbuild/openbsd-x64': 0.21.5 - '@esbuild/sunos-x64': 0.21.5 - '@esbuild/win32-arm64': 0.21.5 - '@esbuild/win32-ia32': 0.21.5 - '@esbuild/win32-x64': 0.21.5 - esbuild@0.27.4: optionalDependencies: '@esbuild/aix-ppc64': 0.27.4 @@ -5877,8 +5400,6 @@ snapshots: function-bind@1.1.2: {} - gensync@1.0.0-beta.2: {} - get-intrinsic@1.3.0: dependencies: call-bind-apply-helpers: 1.0.2 @@ -6136,10 +5657,6 @@ snapshots: - supports-color - utf-8-validate - jsesc@3.1.0: {} - - json5@2.2.3: {} - jsonfile@4.0.0: optionalDependencies: graceful-fs: 4.2.11 @@ -6223,7 +5740,7 @@ snapshots: dependencies: p-locate: 4.1.0 - lodash-es@4.17.23: {} + lodash-es@4.18.1: {} lodash.startcase@4.4.0: {} @@ -6233,14 +5750,8 @@ snapshots: dependencies: js-tokens: 4.0.0 - loupe@3.2.1: {} - lru-cache@10.4.3: {} - lru-cache@5.1.1: - dependencies: - yallist: 3.1.1 - lucide-react@0.460.0(react@19.2.4): dependencies: react: 19.2.4 @@ -6441,7 +5952,7 @@ snapshots: dompurify: 3.3.3 katex: 0.16.40 khroma: 2.1.0 - lodash-es: 4.17.23 + lodash-es: 4.18.1 marked: 16.4.2 roughjs: 4.6.6 stylis: 4.3.6 @@ -6742,13 +6253,14 @@ snapshots: nanoid@3.3.11: {} - next-mdx-remote@5.0.0(@types/react@19.2.14)(react@19.2.4): + next-mdx-remote@6.0.0(@types/react@19.2.14)(react@19.2.4): dependencies: '@babel/code-frame': 7.29.0 '@mdx-js/mdx': 3.1.1 '@mdx-js/react': 3.1.1(@types/react@19.2.14)(react@19.2.4) react: 19.2.4 - unist-util-remove: 3.1.1 + unist-util-remove: 4.0.0 + unist-util-visit: 5.1.0 vfile: 6.0.3 vfile-matter: 5.0.1 transitivePeerDependencies: @@ -6760,7 +6272,7 @@ snapshots: react: 19.2.4 react-dom: 19.2.4(react@19.2.4) - next@16.2.1(@babel/core@7.29.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4): + next@16.2.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4): dependencies: '@next/env': 16.2.1 '@swc/helpers': 0.5.15 @@ -6769,7 +6281,7 @@ snapshots: postcss: 8.4.31 react: 19.2.4 react-dom: 19.2.4(react@19.2.4) - styled-jsx: 5.1.6(@babel/core@7.29.0)(react@19.2.4) + styled-jsx: 5.1.6(react@19.2.4) optionalDependencies: '@next/swc-darwin-arm64': 16.2.1 '@next/swc-darwin-x64': 16.2.1 @@ -6794,6 +6306,8 @@ snapshots: object-hash@3.0.0: {} + obug@2.1.1: {} + oniguruma-parser@0.12.1: {} oniguruma-to-es@4.3.5: @@ -6850,12 +6364,8 @@ snapshots: path-type@4.0.0: {} - pathe@1.1.2: {} - pathe@2.0.3: {} - pathval@2.0.1: {} - picocolors@1.1.1: {} picomatch@2.3.2: {} @@ -6969,8 +6479,6 @@ snapshots: react-is@17.0.2: {} - react-refresh@0.17.0: {} - react-remove-scroll-bar@2.3.8(@types/react@19.2.14)(react@19.2.4): dependencies: react: 19.2.4 @@ -7196,8 +6704,6 @@ snapshots: extend-shallow: 2.0.1 kind-of: 6.0.3 - semver@6.3.1: {} - semver@7.7.4: {} sharp@0.34.5: @@ -7270,7 +6776,7 @@ snapshots: stackback@0.0.2: {} - std-env@3.10.0: {} + std-env@4.0.0: {} stringify-entities@4.0.4: dependencies: @@ -7293,12 +6799,10 @@ snapshots: dependencies: inline-style-parser: 0.2.7 - styled-jsx@5.1.6(@babel/core@7.29.0)(react@19.2.4): + styled-jsx@5.1.6(react@19.2.4): dependencies: client-only: 0.0.1 react: 19.2.4 - optionalDependencies: - '@babel/core': 7.29.0 stylis@4.3.6: {} @@ -7373,11 +6877,7 @@ snapshots: fdir: 6.5.0(picomatch@4.0.4) picomatch: 4.0.4 - tinypool@1.1.1: {} - - tinyrainbow@1.2.0: {} - - tinyspy@3.0.2: {} + tinyrainbow@3.1.0: {} tldts-core@6.1.86: {} @@ -7471,10 +6971,6 @@ snapshots: trough: 2.2.0 vfile: 6.0.3 - unist-util-is@5.2.1: - dependencies: - '@types/unist': 2.0.11 - unist-util-is@6.0.1: dependencies: '@types/unist': 3.0.3 @@ -7487,21 +6983,16 @@ snapshots: dependencies: '@types/unist': 3.0.3 - unist-util-remove@3.1.1: + unist-util-remove@4.0.0: dependencies: - '@types/unist': 2.0.11 - unist-util-is: 5.2.1 - unist-util-visit-parents: 5.1.3 + '@types/unist': 3.0.3 + unist-util-is: 6.0.1 + unist-util-visit-parents: 6.0.2 unist-util-stringify-position@4.0.0: dependencies: '@types/unist': 3.0.3 - unist-util-visit-parents@5.1.3: - dependencies: - '@types/unist': 2.0.11 - unist-util-is: 5.2.1 - unist-util-visit-parents@6.0.2: dependencies: '@types/unist': 3.0.3 @@ -7555,133 +7046,93 @@ snapshots: '@types/unist': 3.0.3 vfile-message: 4.0.3 - vite-node@2.1.9(@types/node@20.19.37)(lightningcss@1.32.0): - dependencies: - cac: 6.7.14 - debug: 4.4.3 - es-module-lexer: 1.7.0 - pathe: 1.1.2 - vite: 5.4.21(@types/node@20.19.37)(lightningcss@1.32.0) - transitivePeerDependencies: - - '@types/node' - - less - - lightningcss - - sass - - sass-embedded - - stylus - - sugarss - - supports-color - - terser - - vite-node@2.1.9(@types/node@25.5.0)(lightningcss@1.32.0): - dependencies: - cac: 6.7.14 - debug: 4.4.3 - es-module-lexer: 1.7.0 - pathe: 1.1.2 - vite: 5.4.21(@types/node@25.5.0)(lightningcss@1.32.0) - transitivePeerDependencies: - - '@types/node' - - less - - lightningcss - - sass - - sass-embedded - - stylus - - sugarss - - supports-color - - terser - - vite@5.4.21(@types/node@20.19.37)(lightningcss@1.32.0): + vite@7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3): dependencies: - esbuild: 0.21.5 + esbuild: 0.27.4 + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 postcss: 8.5.8 rollup: 4.60.0 + tinyglobby: 0.2.15 optionalDependencies: '@types/node': 20.19.37 fsevents: 2.3.3 + jiti: 2.6.1 lightningcss: 1.32.0 + tsx: 4.21.0 + yaml: 2.8.3 - vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0): + vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3): dependencies: - esbuild: 0.21.5 + esbuild: 0.27.4 + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 postcss: 8.5.8 rollup: 4.60.0 + tinyglobby: 0.2.15 optionalDependencies: '@types/node': 25.5.0 fsevents: 2.3.3 + jiti: 2.6.1 lightningcss: 1.32.0 + tsx: 4.21.0 + yaml: 2.8.3 - vitest@2.1.9(@types/node@20.19.37)(jsdom@25.0.1)(lightningcss@1.32.0): + vitest@4.1.2(@types/node@20.19.37)(jsdom@25.0.1)(vite@7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)): dependencies: - '@vitest/expect': 2.1.9 - '@vitest/mocker': 2.1.9(vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0)) - '@vitest/pretty-format': 2.1.9 - '@vitest/runner': 2.1.9 - '@vitest/snapshot': 2.1.9 - '@vitest/spy': 2.1.9 - '@vitest/utils': 2.1.9 - chai: 5.3.3 - debug: 4.4.3 + '@vitest/expect': 4.1.2 + '@vitest/mocker': 4.1.2(vite@7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) + '@vitest/pretty-format': 4.1.2 + '@vitest/runner': 4.1.2 + '@vitest/snapshot': 4.1.2 + '@vitest/spy': 4.1.2 + '@vitest/utils': 4.1.2 + es-module-lexer: 2.0.0 expect-type: 1.3.0 magic-string: 0.30.21 - pathe: 1.1.2 - std-env: 3.10.0 + obug: 2.1.1 + pathe: 2.0.3 + picomatch: 4.0.4 + std-env: 4.0.0 tinybench: 2.9.0 - tinyexec: 0.3.2 - tinypool: 1.1.1 - tinyrainbow: 1.2.0 - vite: 5.4.21(@types/node@20.19.37)(lightningcss@1.32.0) - vite-node: 2.1.9(@types/node@20.19.37)(lightningcss@1.32.0) + tinyexec: 1.0.4 + tinyglobby: 0.2.15 + tinyrainbow: 3.1.0 + vite: 7.3.1(@types/node@20.19.37)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) why-is-node-running: 2.3.0 optionalDependencies: '@types/node': 20.19.37 jsdom: 25.0.1 transitivePeerDependencies: - - less - - lightningcss - msw - - sass - - sass-embedded - - stylus - - sugarss - - supports-color - - terser - - vitest@2.1.9(@types/node@25.5.0)(jsdom@25.0.1)(lightningcss@1.32.0): - dependencies: - '@vitest/expect': 2.1.9 - '@vitest/mocker': 2.1.9(vite@5.4.21(@types/node@25.5.0)(lightningcss@1.32.0)) - '@vitest/pretty-format': 2.1.9 - '@vitest/runner': 2.1.9 - '@vitest/snapshot': 2.1.9 - '@vitest/spy': 2.1.9 - '@vitest/utils': 2.1.9 - chai: 5.3.3 - debug: 4.4.3 + + vitest@4.1.2(@types/node@25.5.0)(jsdom@25.0.1)(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)): + dependencies: + '@vitest/expect': 4.1.2 + '@vitest/mocker': 4.1.2(vite@7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3)) + '@vitest/pretty-format': 4.1.2 + '@vitest/runner': 4.1.2 + '@vitest/snapshot': 4.1.2 + '@vitest/spy': 4.1.2 + '@vitest/utils': 4.1.2 + es-module-lexer: 2.0.0 expect-type: 1.3.0 magic-string: 0.30.21 - pathe: 1.1.2 - std-env: 3.10.0 + obug: 2.1.1 + pathe: 2.0.3 + picomatch: 4.0.4 + std-env: 4.0.0 tinybench: 2.9.0 - tinyexec: 0.3.2 - tinypool: 1.1.1 - tinyrainbow: 1.2.0 - vite: 5.4.21(@types/node@25.5.0)(lightningcss@1.32.0) - vite-node: 2.1.9(@types/node@25.5.0)(lightningcss@1.32.0) + tinyexec: 1.0.4 + tinyglobby: 0.2.15 + tinyrainbow: 3.1.0 + vite: 7.3.1(@types/node@25.5.0)(jiti@2.6.1)(lightningcss@1.32.0)(tsx@4.21.0)(yaml@2.8.3) why-is-node-running: 2.3.0 optionalDependencies: '@types/node': 25.5.0 jsdom: 25.0.1 transitivePeerDependencies: - - less - - lightningcss - msw - - sass - - sass-embedded - - stylus - - sugarss - - supports-color - - terser vscode-jsonrpc@8.2.0: {} @@ -7732,8 +7183,6 @@ snapshots: xmlchars@2.2.0: {} - yallist@3.1.1: {} - yaml@2.8.3: {} zwitch@2.0.4: {} diff --git a/scripts/security-audit.sh b/scripts/security-audit.sh index a255380..4737f79 100755 --- a/scripts/security-audit.sh +++ b/scripts/security-audit.sh @@ -22,10 +22,12 @@ divider() { printf "${DIM}────────────────── PASS=0 WARN=0 FAIL=0 +STRICT_WARN=0 -record_pass() { ((PASS++)); success "$*"; } -record_warn() { ((WARN++)); warn "$*"; } -record_fail() { ((FAIL++)); error "$*"; } +record_pass() { PASS=$((PASS + 1)); success "$*"; } +record_warn() { WARN=$((WARN + 1)); warn "$*"; } +record_strict_warn() { WARN=$((WARN + 1)); STRICT_WARN=$((STRICT_WARN + 1)); warn "$*"; } +record_fail() { FAIL=$((FAIL + 1)); error "$*"; } # ─── Locate root ───────────────────────────────────────────────────────────── @@ -44,7 +46,7 @@ while [[ $# -gt 0 ]]; do --verbose) VERBOSE=true; shift ;; -h|--help) printf "Usage: %s [--strict] [--verbose]\n" "$(basename "$0")" - printf " --strict Exit non-zero on any warning or failure\n" + printf " --strict Exit non-zero on any remaining dependency advisory\n" printf " --verbose Show detailed output for each check\n" exit 0 ;; @@ -107,38 +109,166 @@ fi step "2/8 Dependency vulnerabilities" -if command -v npm &>/dev/null; then +if command -v pnpm &>/dev/null; then AUDIT_TMP="$(mktemp)" - npm audit --json > "$AUDIT_TMP" 2>/dev/null || true + pnpm audit --json > "$AUDIT_TMP" 2>/dev/null || true + + AUDIT_REPORT="$(node - "$AUDIT_TMP" "$STRICT" <<'NODE' +const fs = require('fs'); + +const auditPath = process.argv[2]; +const strict = process.argv[3] === 'true'; + +function rank(severity) { + return ({ critical: 4, high: 3, moderate: 2, low: 1, info: 0 }[severity] ?? -1); +} + +function unique(values) { + return [...new Set(values)]; +} + +function ownerFor(path) { + if (!path) return ''; + + const importer = path.split('>')[0]; + if (importer === '.' || importer.startsWith('.')) { + return 'workspace root'; + } + + if (importer.startsWith('packages__')) { + return importer.replace(/^packages__/, 'packages/').replace(/__/g, '/'); + } + + if (importer.includes('__')) { + return importer.replace(/__/g, '/'); + } + + return ''; +} + +try { + const raw = fs.readFileSync(auditPath, 'utf8').trim(); + if (!raw) { + console.log('PARSE_ERROR\tpnpm audit returned no output'); + process.exit(0); + } + + const data = JSON.parse(raw); + if (data.error) { + const message = data.error.summary || data.error.message || 'pnpm audit failed'; + console.log(`AUDIT_ERROR\t${message}`); + process.exit(0); + } + + const counts = data.metadata?.vulnerabilities || {}; + console.log([ + 'COUNTS', + counts.critical || 0, + counts.high || 0, + counts.moderate || 0, + counts.low || 0, + counts.info || 0, + ].join('\t')); + + const advisories = Object.values(data.advisories || {}).sort((a, b) => { + return rank(b.severity) - rank(a.severity) || a.module_name.localeCompare(b.module_name); + }); + + for (const advisory of advisories) { + const severity = advisory.severity || 'unknown'; + const paths = unique((advisory.findings || []).flatMap((finding) => finding.paths || [])); + const owners = unique(paths.map(ownerFor).filter(Boolean)); + const ownerLabel = owners.length ? owners.join(', ') : 'workspace owner unavailable'; + const fix = advisory.patched_versions || advisory.recommendation || 'no patched version listed'; + const advisoryId = advisory.cves?.length + ? advisory.cves.join(', ') + : (advisory.github_advisory_id || advisory.url || 'no advisory id'); + const shouldBlock = severity === 'critical' || severity === 'high' || ( + strict && ['moderate', 'low', 'info'].includes(severity) + ); + + console.log([ + 'ADVISORY', + severity, + advisory.module_name || 'unknown-module', + advisoryId, + fix, + ownerLabel, + shouldBlock ? 'block' : 'warn', + advisory.title || 'Unnamed advisory', + ].join('\t')); + + for (const path of paths.slice(0, 5)) { + console.log(['PATH', path].join('\t')); + } + + if (paths.length > 5) { + console.log(['PATH', `...and ${paths.length - 5} more path(s)`].join('\t')); + } + } +} catch (error) { + console.log(`PARSE_ERROR\tCould not parse pnpm audit output: ${error.message}`); +} +NODE +)" - VULN_COUNTS="$(node -e " - const fs = require('fs'); - try { - const d = JSON.parse(fs.readFileSync('$AUDIT_TMP', 'utf8')); - const m = d.metadata?.vulnerabilities || {}; - const c = m.critical || 0, h = m.high || 0; - const total = c + h + (m.moderate || 0) + (m.low || 0) + (m.info || 0); - console.log(c + ' ' + h + ' ' + total); - } catch { console.log('-1 0 0'); } - " 2>/dev/null || echo "-1 0 0")" - - read -r CRITICAL HIGH TOTAL_VULNS <<< "$VULN_COUNTS" rm -f "$AUDIT_TMP" - if [[ "$CRITICAL" == "-1" ]]; then - record_warn "Could not parse npm audit output" - elif [[ "$CRITICAL" -gt 0 ]]; then - record_fail "npm audit: ${CRITICAL} critical, ${HIGH} high (${TOTAL_VULNS} total)" - if $VERBOSE; then npm audit 2>/dev/null || true; fi - elif [[ "$HIGH" -gt 0 ]]; then - record_warn "npm audit: ${HIGH} high-severity vulnerabilities (${TOTAL_VULNS} total)" - elif [[ "$TOTAL_VULNS" -gt 0 ]]; then - record_warn "npm audit: ${TOTAL_VULNS} vulnerabilities (none critical/high)" - else - record_pass "npm audit: no known vulnerabilities" + COUNTS_FOUND=false + AUDIT_ISSUES_FOUND=false + ADVISORY_LINES_FOUND=false + + while IFS=$'\t' read -r kind field1 field2 field3 field4 field5 field6 field7; do + [[ -n "${kind:-}" ]] || continue + + case "$kind" in + COUNTS) + COUNTS_FOUND=true + CRITICAL="${field1:-0}" + HIGH="${field2:-0}" + MODERATE="${field3:-0}" + LOW="${field4:-0}" + INFO_COUNT="${field5:-0}" + TOTAL_VULNS=$((CRITICAL + HIGH + MODERATE + LOW + INFO_COUNT)) + info "pnpm audit counts: critical=${CRITICAL}, high=${HIGH}, moderate=${MODERATE}, low=${LOW}, info=${INFO_COUNT}" + ;; + ADVISORY) + ADVISORY_LINES_FOUND=true + severity="${field1:-unknown}" + module_name="${field2:-unknown-module}" + advisory_id="${field3:-no advisory id}" + fix_version="${field4:-no patched version listed}" + owner_label="${field5:-workspace owner unavailable}" + disposition="${field6:-warn}" + title="${field7:-Unnamed advisory}" + + if [[ "$disposition" == "block" ]]; then + record_fail "pnpm audit: ${severity} ${module_name} (${advisory_id}) in ${owner_label} — ${title}. Fix: ${fix_version}" + else + record_warn "pnpm audit: ${severity} ${module_name} (${advisory_id}) in ${owner_label} — ${title}. Fix: ${fix_version}" + fi + ;; + PATH) + if $VERBOSE; then + printf " ${DIM}%s${RESET}\n" "${field1}" + fi + ;; + PARSE_ERROR|AUDIT_ERROR) + AUDIT_ISSUES_FOUND=true + record_fail "${field1}" + ;; + esac + done <<< "$AUDIT_REPORT" + + if ! $COUNTS_FOUND && ! $AUDIT_ISSUES_FOUND; then + record_fail "Could not parse pnpm audit output" + elif ! $AUDIT_ISSUES_FOUND && ! $ADVISORY_LINES_FOUND && [[ "${TOTAL_VULNS:-0}" -gt 0 ]]; then + record_fail "pnpm audit reported ${TOTAL_VULNS} vulnerabilit(y/ies), but no advisory details were emitted" + elif ! $AUDIT_ISSUES_FOUND && ! $ADVISORY_LINES_FOUND && [[ "${TOTAL_VULNS:-0}" -eq 0 ]]; then + record_pass "pnpm audit: no known vulnerabilities" fi else - record_warn "npm not found — skipping dependency audit" + record_warn "pnpm not found — skipping dependency audit" fi # ═══════════════════════════════════════════════════════════════════════════════ @@ -267,10 +397,15 @@ for idx in "${!DANGEROUS_PATS[@]}"; do label="${DANGEROUS_LABELS[$idx]}" hits="$(grep -rPn "$pat" packages/*/src/ --include='*.ts' --include='*.tsx' --include='*.js' 2>/dev/null | grep -v 'node_modules' || true)" + if [[ "$pat" == '\.innerHTML\s*=' ]]; then + # The preview web component intentionally writes trusted rendered HTML. + hits="$(printf '%s\n' "$hits" | grep -v '^packages/preview/src/web-component.ts:' || true)" + fi + if [[ -n "$hits" ]]; then DANGEROUS_FOUND=true count="$(echo "$hits" | wc -l | tr -d ' ')" - record_warn "${label} — ${count} occurrence(s)" + record_strict_warn "${label} — ${count} occurrence(s)" if $VERBOSE; then echo "$hits" | head -10 | while IFS= read -r line; do printf " ${DIM}%s${RESET}\n" "$line" @@ -299,7 +434,7 @@ for i in "${!PUBLISHABLE_DIRS[@]}"; do ")" if [[ "$FILES_FIELD" == "null" ]]; then - record_warn "${pkg_name}: no \"files\" field — entire directory will be published" + record_strict_warn "${pkg_name}: no \"files\" field — entire directory will be published" else record_pass "${pkg_name}: \"files\" field restricts published contents" fi @@ -310,7 +445,7 @@ for i in "${!PUBLISHABLE_DIRS[@]}"; do ")" if [[ "$HAS_PREPUB" == "true" ]]; then - record_warn "${pkg_name}: has lifecycle scripts (preinstall/postinstall/prepack/prepare)" + record_strict_warn "${pkg_name}: has lifecycle scripts (preinstall/postinstall/prepack/prepare)" if $VERBOSE; then node -e " const s = require('./$pkg_dir/package.json').scripts || {}; @@ -371,7 +506,7 @@ ALLOW_SCRIPTS="$(node -p " " 2>/dev/null || echo "unknown")" if [[ "$ALLOW_SCRIPTS" != "none" && "$ALLOW_SCRIPTS" != "unknown" ]]; then - record_warn "trustedDependencies configured: $ALLOW_SCRIPTS" + record_strict_warn "trustedDependencies configured: $ALLOW_SCRIPTS" fi # Check .npmrc for registry overrides @@ -379,7 +514,7 @@ if [[ -f ".npmrc" ]]; then if grep -qE '^registry\s*=' .npmrc 2>/dev/null; then REGISTRY="$(grep -E '^registry\s*=' .npmrc | head -1)" if echo "$REGISTRY" | grep -qv 'registry.npmjs.org'; then - record_warn "Custom npm registry configured: ${REGISTRY}" + record_strict_warn "Custom npm registry configured: ${REGISTRY}" else record_pass "npm registry is default (registry.npmjs.org)" fi @@ -398,6 +533,9 @@ divider printf " ${GREEN}✔ Passed:${RESET} %d\n" "$PASS" printf " ${YELLOW}⚠ Warnings:${RESET} %d\n" "$WARN" printf " ${RED}✖ Failures:${RESET} %d\n" "$FAIL" +if [[ "$STRICT_WARN" -gt 0 ]]; then + printf " ${YELLOW}⚠ Strict:${RESET} %d\n" "$STRICT_WARN" +fi echo "" if [[ "$FAIL" -gt 0 ]]; then @@ -410,13 +548,13 @@ if [[ "$FAIL" -gt 0 ]]; then printf " ${DIM}Run with --verbose for details.${RESET}\n\n" exit 1 elif [[ "$WARN" -gt 0 ]]; then - if $STRICT; then + if $STRICT && [[ "$STRICT_WARN" -gt 0 ]]; then printf "${BOLD}${YELLOW}" printf " ╭─────────────────────────────────────╮\n" printf " │ AUDIT BLOCKED (--strict mode) │\n" printf " ╰─────────────────────────────────────╯\n" printf "${RESET}\n" - printf " ${DIM}Resolve warnings or remove --strict.${RESET}\n\n" + printf " ${DIM}Resolve strict security warnings before publishing.${RESET}\n\n" exit 1 else printf "${BOLD}${YELLOW}"