cartsnitch/app
12
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: cartsnitch/app:dev
Branches Tags
cartsnitch/app:main cartsnitch/app:dev cartsnitch/app:betty/car-1147-fix-infra-403 cartsnitch/app:uat cartsnitch/app:betty/car-1022-direct-test cartsnitch/app:betty/car-1009-ghcr-gitea-migration cartsnitch/app:barcode-betty/ghcr-to-gitea-registry cartsnitch/app:betty/delete-stale-ci-yml cartsnitch/app:betty/car-987-fix-ci-docker-socket-and-infra-403 cartsnitch/app:barcode-betty/car-964-full cartsnitch/app:barcode-betty/car-964-gitea-registry-v2 cartsnitch/app:betty/car-964-gitea-registry-v2 cartsnitch/app:barcode-betty/gitea-registry cartsnitch/app:disable-lighthouse-ci-v2 cartsnitch/app:disable-lighthouse-ci cartsnitch/app:betty/car-935-fix-setup-node cartsnitch/app:barcode-betty/move-workflows-to-gitea cartsnitch/app:betty/car-869-gitea-actions-app
cartsnitch/app:v2026.04.19
...
compare: cartsnitch/app:ed5ed0a35cd906170ddc2018f5b97205550aab5b
Branches Tags
cartsnitch/app:dev cartsnitch/app:betty/car-1147-fix-infra-403 cartsnitch/app:main cartsnitch/app:uat cartsnitch/app:betty/car-1022-direct-test cartsnitch/app:betty/car-1009-ghcr-gitea-migration cartsnitch/app:barcode-betty/ghcr-to-gitea-registry cartsnitch/app:betty/delete-stale-ci-yml cartsnitch/app:betty/car-987-fix-ci-docker-socket-and-infra-403 cartsnitch/app:barcode-betty/car-964-full cartsnitch/app:barcode-betty/car-964-gitea-registry-v2 cartsnitch/app:betty/car-964-gitea-registry-v2 cartsnitch/app:barcode-betty/gitea-registry cartsnitch/app:disable-lighthouse-ci-v2 cartsnitch/app:disable-lighthouse-ci cartsnitch/app:betty/car-935-fix-setup-node cartsnitch/app:barcode-betty/move-workflows-to-gitea cartsnitch/app:betty/car-869-gitea-actions-app
cartsnitch/app:v2026.04.19

1 Commits
dev ... ed5ed0a35c

Author SHA1 Message Date
Savannah Savings ed5ed0a35c fix: update better-auth to 1.6.11 to resolve GHSA-wxw3-q3m9-c3jr
CI / audit (pull_request) Failing after 10s
Details
CI / e2e (pull_request) Successful in 40s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details
CI / lighthouse (pull_request) Failing after 1m12s
Details
CI / lint (pull_request) Successful in 14s
Details
CI / test (pull_request) Successful in 12s
Details 
Resolves moderate severity OAuth state mismatch vulnerability in better-auth.
Updated package-lock.json to reflect patched transitive dependencies.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-21 19:58:31 +00:00
1 changed files with 88 additions and 94 deletions
Expand all files Collapse all files
package-lock.json
Generated
+88 -94
View File
@@ -1641,9 +1641,9 @@
}
},
"node_modules/@better-auth/core": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/core/-/core-1.5.6.tgz",
"integrity": "sha512-Ez9DZdIMFyxHremmoLz1emFPGNQomDC1jqqBPnZ6Ci+6TiGN3R9w/Y03cJn6I8r1ycKgOzeVMZtJ/erOZ27Gsw==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/core/-/core-1.6.11.tgz",
"integrity": "sha512-LrwidLCV8azdMGjvtwp30nj9tIv1BwI3VhtC0UaGSjQkAVWw4bN42I8qwbxRziPeSQoj+zUVkOpxZzAWBDARtQ==",
"license": "MIT",
"dependencies": {
"@opentelemetry/semantic-conventions": "^1.39.0",
@@ -1651,11 +1651,11 @@
"zod": "^4.3.6"
},
"peerDependencies": {
"@better-auth/utils": "0.3.1",
"@better-auth/utils": "0.4.0",
"@better-fetch/fetch": "1.1.21",
"@cloudflare/workers-types": ">=4",
"@opentelemetry/api": "^1.9.0",
"better-call": "1.3.2",
"better-call": "1.3.5",
"jose": "^6.1.0",
"kysely": "^0.28.5",
"nanostores": "^1.0.1"
@@ -1663,18 +1663,21 @@
"peerDependenciesMeta": {
"@cloudflare/workers-types": {
"optional": true
},
"@opentelemetry/api": {
"optional": true
}
}
},
"node_modules/@better-auth/kysely-adapter": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/kysely-adapter/-/kysely-adapter-1.5.6.tgz",
"integrity": "sha512-Fnf+h8WVKtw6lEOmVmiVVzDf3shJtM60AYf9XTnbdCeUd6MxN/KnaJZpkgtYnRs7a+nwtkVB+fg4lGETebGFXQ==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/kysely-adapter/-/kysely-adapter-1.6.11.tgz",
"integrity": "sha512-/g8M9RfIjdcZDnbstSUvQiINkvdNlCeZr248zwqx2/PVksQI1MhQofbzUn3RnQnbPKp0EPwpX/dR3oudRFenUg==",
"license": "MIT",
"peerDependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/utils": "^0.3.0",
"kysely": "^0.27.0 || ^0.28.0"
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0",
"kysely": "^0.28.17"
},
"peerDependenciesMeta": {
"kysely": {
@@ -1683,23 +1686,23 @@
}
},
"node_modules/@better-auth/memory-adapter": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/memory-adapter/-/memory-adapter-1.5.6.tgz",
"integrity": "sha512-rS7ZsrIl5uvloUgNN0u9LOZJMMXnsZXVdUZ3MrTBKWM2KpoJjzPr9yN3Szyma5+0V7SltnzSGHPkYj2bEzzmlA==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/memory-adapter/-/memory-adapter-1.6.11.tgz",
"integrity": "sha512-hpdfw0BBf8MuzLkIdmbcUZICbY9r/bhLO2RxSnkzT5+/O+0I0u2I8+m0YUP7vNllP/ZCKASHOYgXPLO75Z0f9Q==",
"license": "MIT",
"peerDependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/utils": "^0.3.0"
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0"
}
},
"node_modules/@better-auth/mongo-adapter": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/mongo-adapter/-/mongo-adapter-1.5.6.tgz",
"integrity": "sha512-6+M3MS2mor8fTUV3EI1FBLP0cs6QfbN+Ovx9+XxR/GdfKIBoNFzmPEPRbdGt+ft6PvrITsUm+T70+kkHgVSP6w==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/mongo-adapter/-/mongo-adapter-1.6.11.tgz",
"integrity": "sha512-3Tor8rSv8vSEIMEaV2PFpPEuVhqc1gNoZ6eGvoh3LwExXXuj8madew6ob+H1pH7Aphn3Ar5PQ08AguT8TbwFAA==",
"license": "MIT",
"peerDependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/utils": "^0.3.0",
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0",
"mongodb": "^6.0.0 || ^7.0.0"
},
"peerDependenciesMeta": {
@@ -1709,13 +1712,13 @@
}
},
"node_modules/@better-auth/prisma-adapter": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/prisma-adapter/-/prisma-adapter-1.5.6.tgz",
"integrity": "sha512-UxY9vQJs1Tt+O+T2YQnseDMlWmUSQvFZSBb5YiFRg7zcm+TEzujh4iX2/csA0YiZptLheovIuVWTP9nriewEBA==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/prisma-adapter/-/prisma-adapter-1.6.11.tgz",
"integrity": "sha512-Pw+7q7zTp+VSci1V+CYMvuxIbAeVMZLe4lRo46LJoAKMHfjFl5T/ycsyFvWs/DkWC7n9gZZzRDEbHp0I5FiKKw==",
"license": "MIT",
"peerDependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/utils": "^0.3.0",
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0",
"@prisma/client": "^5.0.0 || ^6.0.0 || ^7.0.0",
"prisma": "^5.0.0 || ^6.0.0 || ^7.0.0"
},
@@ -1729,23 +1732,24 @@
}
},
"node_modules/@better-auth/telemetry": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/telemetry/-/telemetry-1.5.6.tgz",
"integrity": "sha512-yXC7NSxnIFlxDkGdpD7KA+J9nqIQAPCJKe77GoaC5bWoe/DALo1MYorZfTgOafS7wrslNtsPT4feV/LJi1ubqQ==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/telemetry/-/telemetry-1.6.11.tgz",
"integrity": "sha512-hsjDHc8MZbm6/AHeNdtywrWedXevnBjmdvnHTcZub+rTVjOv+Td0roI8USKuC6uUibmrl//2rJfVCsGbopihNA==",
"license": "MIT",
"dependencies": {
"@better-auth/utils": "0.3.1",
"@better-fetch/fetch": "1.1.21"
},
"peerDependencies": {
"@better-auth/core": "1.5.6"
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0",
"@better-fetch/fetch": "1.1.21"
}
},
"node_modules/@better-auth/utils": {
"version": "0.3.1",
"resolved": "https://registry.npmjs.org/@better-auth/utils/-/utils-0.3.1.tgz",
"integrity": "sha512-+CGp4UmZSUrHHnpHhLPYu6cV+wSUSvVbZbNykxhUDocpVNTo9uFFxw/NqJlh1iC4wQ9HKKWGCKuZ5wUgS0v6Kg==",
"license": "MIT"
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/@better-auth/utils/-/utils-0.4.0.tgz",
"integrity": "sha512-RpMtLUIQAEWMgdPLNVbIF5ON2mm+CH0U3rCdUCU1VyeAUui4m38DyK7/aXMLZov2YDjG684pS1D0MBllrmgjQA==",
"license": "MIT",
"dependencies": {
"@noble/hashes": "^2.0.1"
}
},
"node_modules/@better-fetch/fetch": {
"version": "1.1.21",
@@ -2771,20 +2775,10 @@
"devOptional": true,
"license": "MIT"
},
"node_modules/@opentelemetry/api": {
"version": "1.9.1",
"resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.1.tgz",
"integrity": "sha512-gLyJlPHPZYdAk1JENA9LeHejZe1Ti77/pTeFm/nMXmQH/HFZlcS/O2XJB+L8fkbrNSqhdtlvjBVjxwUYanNH5Q==",
"license": "Apache-2.0",
"peer": true,
"engines": {
"node": ">=8.0.0"
}
},
"node_modules/@opentelemetry/semantic-conventions": {
"version": "1.40.0",
"resolved": "https://registry.npmjs.org/@opentelemetry/semantic-conventions/-/semantic-conventions-1.40.0.tgz",
"integrity": "sha512-cifvXDhcqMwwTlTK04GBNeIe7yyo28Mfby85QXFe1Yk8nmi36Ab/5UQwptOx84SsoGNRg+EVSjwzfSZMy6pmlw==",
"version": "1.41.1",
"resolved": "https://registry.npmjs.org/@opentelemetry/semantic-conventions/-/semantic-conventions-1.41.1.tgz",
"integrity": "sha512-/UhIkaZgPutTFmQ7RnIJGgDXZmtEJ7Dvi86xNTFWcnRxVRNk/aotsqDJYeEvDP+FSMB2SdW+pQzNMcWP0rwuNA==",
"license": "Apache-2.0",
"engines": {
"node": ">=14"
@@ -4569,26 +4563,26 @@
}
},
"node_modules/better-auth": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/better-auth/-/better-auth-1.5.6.tgz",
"integrity": "sha512-QSpJTqaT1XVfWRQe/fm3PgeuwOIlz1nWX/Dx7nsHStJ382bLzmDbQk2u7IT0IJ6wS5SRxfqEE1Ev9TXontgyAQ==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/better-auth/-/better-auth-1.6.11.tgz",
"integrity": "sha512-Wwt6+q07dwIhsp6XiM7L1qSXVUWBEtNl+eZvwM778CguFqDZFBN9Pt6LtFaHl55t8Z+Zc//5kxcbgDY8/79vFQ==",
"license": "MIT",
"dependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/drizzle-adapter": "1.5.6",
"@better-auth/kysely-adapter": "1.5.6",
"@better-auth/memory-adapter": "1.5.6",
"@better-auth/mongo-adapter": "1.5.6",
"@better-auth/prisma-adapter": "1.5.6",
"@better-auth/telemetry": "1.5.6",
"@better-auth/utils": "0.3.1",
"@better-auth/core": "1.6.11",
"@better-auth/drizzle-adapter": "1.6.11",
"@better-auth/kysely-adapter": "1.6.11",
"@better-auth/memory-adapter": "1.6.11",
"@better-auth/mongo-adapter": "1.6.11",
"@better-auth/prisma-adapter": "1.6.11",
"@better-auth/telemetry": "1.6.11",
"@better-auth/utils": "0.4.0",
"@better-fetch/fetch": "1.1.21",
"@noble/ciphers": "^2.1.1",
"@noble/hashes": "^2.0.1",
"better-call": "1.3.2",
"better-call": "1.3.5",
"defu": "^6.1.4",
"jose": "^6.1.3",
"kysely": "^0.28.12",
"kysely": "^0.28.17",
"nanostores": "^1.1.1",
"zod": "^4.3.6"
},
@@ -4600,7 +4594,7 @@
"@tanstack/solid-start": "^1.0.0",
"better-sqlite3": "^12.0.0",
"drizzle-kit": ">=0.31.4",
"drizzle-orm": ">=0.41.0",
"drizzle-orm": "^0.45.2",
"mongodb": "^6.0.0 || ^7.0.0",
"mysql2": "^3.0.0",
"next": "^14.0.0 || ^15.0.0 || ^16.0.0",
@@ -4674,14 +4668,14 @@
}
},
"node_modules/better-auth/node_modules/@better-auth/drizzle-adapter": {
"version": "1.5.6",
"resolved": "https://registry.npmjs.org/@better-auth/drizzle-adapter/-/drizzle-adapter-1.5.6.tgz",
"integrity": "sha512-VfFFmaoFw3ug12SiSuIwzrMoHyIVmkMGWm9gZ4sXdYYVX4HboCL4m3fjzOhppcmK5OGatRuU+N1UX6wxCITcXw==",
"version": "1.6.11",
"resolved": "https://registry.npmjs.org/@better-auth/drizzle-adapter/-/drizzle-adapter-1.6.11.tgz",
"integrity": "sha512-4jpkETIGZOHCf7BK4jnu22fdN6jjomH0/HhEzkaWy3+Eppi5PYlHTF/460jrTmA3Xc+Vqwp9t282ymHiEPypGw==",
"license": "MIT",
"peerDependencies": {
"@better-auth/core": "1.5.6",
"@better-auth/utils": "^0.3.0",
"drizzle-orm": ">=0.41.0"
"@better-auth/core": "^1.6.11",
"@better-auth/utils": "0.4.0",
"drizzle-orm": "^0.45.2"
},
"peerDependenciesMeta": {
"drizzle-orm": {
@@ -4690,12 +4684,12 @@
}
},
"node_modules/better-call": {
"version": "1.3.2",
"resolved": "https://registry.npmjs.org/better-call/-/better-call-1.3.2.tgz",
"integrity": "sha512-4cZIfrerDsNTn3cm+MhLbUePN0gdwkhSXEuG7r/zuQ8c/H7iU0/jSK5TD3FW7U0MgKHce/8jGpPYNO4Ve+4NBw==",
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/better-call/-/better-call-1.3.5.tgz",
"integrity": "sha512-kOFJkBP7utAQLEYrobZm3vkTH8mXq5GNgvjc5/XEST1ilVHaxXUXfeDeFlqoETMtyqS4+3/h4ONX2i++ebZrvA==",
"license": "MIT",
"dependencies": {
"@better-auth/utils": "^0.3.1",
"@better-auth/utils": "^0.4.0",
"@better-fetch/fetch": "^1.1.21",
"rou3": "^0.7.12",
"set-cookie-parser": "^3.0.1"
@@ -7116,9 +7110,9 @@
}
},
"node_modules/jose": {
"version": "6.2.2",
"resolved": "https://registry.npmjs.org/jose/-/jose-6.2.2.tgz",
"integrity": "sha512-d7kPDd34KO/YnzaDOlikGpOurfF0ByC2sEV4cANCtdqLlTfBlw2p14O/5d/zv40gJPbIQxfES3nSx1/oYNyuZQ==",
"version": "6.2.3",
"resolved": "https://registry.npmjs.org/jose/-/jose-6.2.3.tgz",
"integrity": "sha512-YYVDInQKFJfR/xa3ojUTl8c2KoTwiL1R5Wg9YCydwH0x0B9grbzlg5HC7mMjCtUJjbQ/YnGEZIhI5tCgfTb4Hw==",
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/panva"
@@ -7265,9 +7259,9 @@
}
},
"node_modules/kysely": {
"version": "0.28.15",
"resolved": "https://registry.npmjs.org/kysely/-/kysely-0.28.15.tgz",
"integrity": "sha512-r2clcf7HLWvDXaVUEvQymXJY4i3bSOIV3xsL/Upy3ZfSv5HeKsk9tsqbBptLvth5qHEIhxeHTA2jNLyQABkLBA==",
"version": "0.28.17",
"resolved": "https://registry.npmjs.org/kysely/-/kysely-0.28.17.tgz",
"integrity": "sha512-nbD8lB9EB3wNdMhOCdx5Li8DxnLbvKByylRLcJ1h+4SkrowVeECAyZlyiKMThF7xFdRz0jSQ2MoJr+wXux2y0Q==",
"license": "MIT",
"engines": {
"node": ">=20.0.0"
@@ -7818,9 +7812,9 @@
}
},
"node_modules/nanoid": {
"version": "3.3.11",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
"integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
"version": "3.3.12",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
"integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
"devOptional": true,
"funding": [
{
@@ -7837,9 +7831,9 @@
}
},
"node_modules/nanostores": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/nanostores/-/nanostores-1.2.0.tgz",
"integrity": "sha512-F0wCzbsH80G7XXo0Jd9/AVQC7ouWY6idUCTnMwW5t/Rv9W8qmO6endavDwg7TNp5GbugwSukFMVZqzPSrSMndg==",
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/nanostores/-/nanostores-1.3.0.tgz",
"integrity": "sha512-XPUa/jz+P1oJvN9VBxw4L9MtdFfaH3DAryqPssqhb2kXjmb9npz0dly6rCsgFWOPr4Yg9mTfM3MDZgZZ+7A3lA==",
"funding": [
{
"type": "github",
@@ -8164,9 +8158,9 @@
}
},
"node_modules/postcss": {
"version": "8.5.8",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.8.tgz",
"integrity": "sha512-OW/rX8O/jXnm82Ey1k44pObPtdblfiuWnrd8X7GJ7emImCOstunGbXUpp7HdBrFQX6rJzn3sPT397Wp5aCwCHg==",
"version": "8.5.15",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.15.tgz",
"integrity": "sha512-FfR8sjd4em2T6fb3I2MwAJU7HWVMr9zba+enmQeeWFfCbm+UOC/0X4DS8XtpUTMwWMGbjKYP7xjfNekzyGmB3A==",
"devOptional": true,
"funding": [
{
@@ -8184,7 +8178,7 @@
],
"license": "MIT",
"dependencies": {
"nanoid": "^3.3.11",
"nanoid": "^3.3.12",
"picocolors": "^1.1.1",
"source-map-js": "^1.2.1"
},
@@ -10626,9 +10620,9 @@
}
},
"node_modules/ws": {
"version": "8.20.0",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.20.0.tgz",
"integrity": "sha512-sAt8BhgNbzCtgGbt2OxmpuryO63ZoDk/sqaB/znQm94T4fCEsy/yV+7CdC1kJhOU9lboAEU7R3kquuycDoibVA==",
"version": "8.20.1",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz",
"integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==",
"devOptional": true,
"license": "MIT",
"engines": {