NPM Audit Report

Generation Date: 2.4.2026 - 15:15:03

Vulnerabilities

Vulnerabilities are known security weaknesses of dependencies and are categorized by severity:

Critical: Exploitable with severe impact, requiring immediate action.
High: Significant risk, should be addressed promptly.
Moderate: Requires specific conditions to exploit, but should still be remediated.
Low: Minor risk with limited impact.

Package	Severity	URL	Range	Effects	Fix Available
preact	high	https://github.com/advisories/GHSA-36hm-qxxp-pg3m	10.28.0 - 10.28.1	-	true
rollup	high	https://github.com/advisories/GHSA-mw96-cpmx-2vgc	4.0.0 - 4.58.0	-	true
esbuild	moderate	https://github.com/advisories/GHSA-67mh-4wv8-2f99	<=0.24.2	vite	vitepress@0.1.1
vite	moderate	-	0.11.0 - 6.1.6	vitepress	vitepress@0.1.1
vitepress	moderate	-	0.2.0 - 1.6.4	-	vitepress@0.1.1

Outdated Dependencies

Regular updates are a core requirement of the EU Cyber Resilience Act (CRA), which mandates timely delivery of security patches. Keeping dependencies current reduces the attack surface and ensures the project benefits from the latest improvements.

Update Type	Count	Risk
Major (breaking changes possible)	3	Test thoroughly
Minor (new features)	3	Low risk
Patch (bug fixes)	3	Safe to update
Total outdated	9

Major Updates

Major version changes may include breaking API changes. Review changelogs before updating.

Package	Current	Wanted	Latest
echarts	5.6.0	5.6.0	6.0.0
vue-i18n	9.14.5	9.14.5	11.3.0
vuetify	3.11.4	3.12.5	4.0.5

Minor Updates

Minor updates add new features in a backward-compatible manner.

Package	Current	Wanted	Latest
@powersync/web	1.35.0	1.37.1	1.37.1
@supabase/supabase-js	2.89.0	2.101.1	2.101.1
maplibre-gl	5.15.0	5.21.1	5.21.1

Patch Updates

Patch updates contain bug fixes and are generally safe to apply.

Package	Current	Wanted	Latest
@turf/turf	7.3.1	7.3.4	7.3.4
esbuild	0.27.2	0.27.5	0.27.5
vite-plugin-vuetify	2.1.2	2.1.3	2.1.3

NPM Audit Report ​

Vulnerabilities ​

Outdated Dependencies ​

Major Updates ​

Minor Updates ​