Skip to content

Security: Monthly dependency audit (June 2026) - documentation#41

Open
rancur wants to merge 1 commit into
mainfrom
security/monthly-dep-audit-2026-06
Open

Security: Monthly dependency audit (June 2026) - documentation#41
rancur wants to merge 1 commit into
mainfrom
security/monthly-dep-audit-2026-06

Conversation

@rancur

@rancur rancur commented Jun 1, 2026

Copy link
Copy Markdown
Owner

Monthly dependency audit identified 2 moderate vulnerabilities in postcss via Next.js. Requires Next.js 9.x → 16.x major upgrade (breaking changes). Documented for future upgrade cycle.

@claude
Security: Monthly dependency audit fixes (June 2026)
b4c90f2 
Partial fix: 0 of 2 vulnerabilities resolved.

Remaining issues require Next.js major version upgrade:
- MODERATE: postcss XSS (requires Next.js 9.x → 16.x breaking upgrade)

Documented for future upgrade cycle.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rancur