Ben 46c16b9288 fix(deps): bump react-router-dom to 7.17.0 (GHSA-8x6r-g9mw-2r78) ... Clears the npm-audit React Router advisory CVE-2026-42342 in the web and apps/desktop workspaces by bumping react-router-dom 7.14.x -> ^7.17.0 (patched in 7.15.0; both react-router and react-router-dom now resolve to 7.17.0 in the root lockfile). Note: the advisory's DoS only affects React Router *Framework Mode* (the __manifest server endpoint). Both workspaces use Declarative Mode (web: <BrowserRouter>, desktop: <HashRouter>) as pure client-side SPAs, so we were never actually exploitable -- this is audit-hygiene only. npm audit --omit=dev: 0 vulnerabilities. Web + desktop + ui-tui builds and tsc typecheck all green on 7.17.0.		2026-06-04 21:30:23 -07:00
..
bootstrap-installer	test(installer): cover the post-update relaunch/install target derivation	2026-06-03 12:02:07 -07:00
desktop	fix(deps): bump react-router-dom to 7.17.0 (GHSA-8x6r-g9mw-2r78)	2026-06-04 21:30:23 -07:00
shared	fix(desktop): guard reconnect sockets and keep branch search precise	2026-06-03 13:13:21 -05:00