OpenSID · vickyrolanda · Aug 28, 2025 · Aug 26, 2025 · Aug 28, 2025 · Aug 28, 2025
diff --git a/catatan_rilis.md b/catatan_rilis.md
@@ -12,4 +12,5 @@ Di rilis v2508.0.0 berisi perbaikan yang diminta Komunitas Open Desa.
 
 #### Penyesuaian Teknis
 
-1. [#521](https://github.com/OpenSID/pantau/issues/521) Tambahkan e2e testing.
+1. [#521](https://github.com/OpenSID/pantau/issues/521) Tambahkan e2e testing.
+2. [#526](https://github.com/OpenSID/pantau/issues/526) Upgrade packages berdasarkan temuan composer audit
diff --git a/composer.lock b/composer.lock
diff --git a/tests/Feature/Auth/AuthenticationTest.php b/tests/Feature/Auth/AuthenticationTest.php
@@ -22,7 +22,7 @@ public function test_users_can_authenticate_using_the_login_screen()
     {
         $user = User::factory()->create();
 
-        $response = $this->post('/login', [
+        $response = $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)->post('/login', [
             'email' => $user->email,
             'password' => 'password',
         ]);

diff --git a/tests/Feature/Auth/PasswordConfirmationTest.php b/tests/Feature/Auth/PasswordConfirmationTest.php
@@ -23,10 +23,11 @@ public function test_password_can_be_confirmed()
     {
         $user = User::factory()->create();
 
-        $response = $this->actingAs($user)->post('/password/confirm', [
-            'password' => 'password',
-        ]);
-
+        $response = $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)
+           ->actingAs($user)
+           ->post('/password/confirm', [
+               'password' => 'password',
+           ]);
         $response->assertRedirect();
         $response->assertSessionHasNoErrors();
     }
@@ -35,7 +36,8 @@ public function test_password_is_not_confirmed_with_invalid_password()
     {
         $user = User::factory()->create();
 
-        $response = $this->actingAs($user)->post('/password/confirm', [
+        $response = $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)
+        ->actingAs($user)->post('/password/confirm', [
             'password' => 'wrong-password',
         ]);
 

diff --git a/tests/Feature/Auth/PasswordResetTest.php b/tests/Feature/Auth/PasswordResetTest.php
@@ -25,7 +25,7 @@ public function test_reset_password_link_can_be_requested()
 
         $user = User::factory()->create();
 
-        $this->post('/password/email', ['email' => $user->email]);
+        $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)->post('/password/email', ['email' => $user->email]);
 
         Notification::assertSentTo($user, ResetPassword::class);
     }
@@ -36,7 +36,7 @@ public function test_reset_password_screen_can_be_rendered()
 
         $user = User::factory()->create();
 
-        $this->post('/password/email', ['email' => $user->email]);
+        $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)->post('/password/email', ['email' => $user->email]);
 
         Notification::assertSentTo($user, ResetPassword::class, function ($notification) {
             $response = $this->get('/password/reset/'.$notification->token);
@@ -53,7 +53,7 @@ public function test_password_can_be_reset_with_valid_token()
 
         $user = User::factory()->create();
 
-        $this->post('/password/email', ['email' => $user->email]);
+        $this->withoutMiddleware(\App\Http\Middleware\VerifyCsrfToken::class)->post('/password/email', ['email' => $user->email]);
 
         Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) {
             $response = $this->post('/password/reset', [