fix: rollback vite to 6.1.0 and pin nanoid for trust policy #35

Closed
ilenia wants to merge 1 commits from fix/issue-34-vite-rollback into main
Member

Explanation

This pull request is necessary to restore trusted dependency resolution under the repository's no-downgrade supply-chain policy so contributors can install dependencies without lockfile trust failures.

Issue

#34

Attestations

Dependencies

  • I have pinned the dependencies to a specific patch version.

Style

  • I have run the linter and resolved any errors.
  • My pull request uses an appropriate title, matching the conventional commit standards.
  • My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request.

Tests

  • My contribution adds new code, and I have added tests to cover it.
  • My contribution modifies existing code, and I have updated the tests to reflect these changes.
  • All new and existing tests pass locally with my changes.
  • Code coverage remains at or above the configured threshold.

Reason: test/projects.spec.ts currently fails with Page not found for project Valerium.

Documentation

N/A - no documentation-site content updates required for this dependency policy fix.

Versioning

Patch - My pull request introduces bug fixes ONLY.

### Explanation This pull request is necessary to restore trusted dependency resolution under the repository's `no-downgrade` supply-chain policy so contributors can install dependencies without lockfile trust failures. ### Issue #34 ### Attestations - [x] I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/) - [x] I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/). - [x] My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/). ### Dependencies - [x] I have pinned the dependencies to a specific patch version. ### Style - [x] I have run the linter and resolved any errors. - [x] My pull request uses an appropriate title, matching the conventional commit standards. - [x] My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request. ### Tests - [ ] My contribution adds new code, and I have added tests to cover it. - [ ] My contribution modifies existing code, and I have updated the tests to reflect these changes. - [ ] All new and existing tests pass locally with my changes. - [ ] Code coverage remains at or above the configured threshold. Reason: `test/projects.spec.ts` currently fails with `Page not found for project Valerium`. ### Documentation N/A - no documentation-site content updates required for this dependency policy fix. ### Versioning Patch - My pull request introduces bug fixes ONLY.
ilenia added 1 commit 2026-06-30 11:18:49 -07:00
fix: rollback vite to 6.1.0 and pin nanoid for trust policy
Node.js CI / CI (pull_request) Failing after 29s
Security Scan and Upload / Security & DefectDojo Upload (pull_request) Successful in 1m17s
59741cc61e
naomi approved these changes 2026-06-30 11:26:58 -07:00
ilenia closed this pull request 2026-06-30 12:49:16 -07:00
Some required checks failed
Node.js CI / CI (pull_request) Failing after 29s
Required
Details
Security Scan and Upload / Security & DefectDojo Upload (pull_request) Successful in 1m17s

Pull request closed

Sign in to join this conversation.
No Reviewers
No Label
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: nhcarrigan/docs#35