- Replace JS config (tailwind.config.js) with CSS @theme block in base.css
- Switch from PostCSS to @tailwindcss/vite plugin
- Convert all bg-opacity-*/border-opacity-* to slash syntax (e.g. bg-zinc-900/70)
- Add @custom-variant for mobile and ss variants
- Add @reference to Vue scoped styles using @apply
- Rename v3 utilities: rounded→rounded-sm, backdrop-blur-sm→backdrop-blur-xs,
drop-shadow→drop-shadow-sm, rotate-[25deg]→rotate-25
- Delete obsolete tailwind.config.js and postcss.config.js
- Rename vite.config.js to .mjs for ESM compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
vue-i18n: 9.10.2 → 11.2.8
Resolves XSS and prototype pollution vulnerabilities in vue-i18n v9.
Total vulnerabilities now down to 1 (axios in threads-api transitive
dependency).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- vite: 3.2.8 → 6.4.1
- @vitejs/plugin-vue: 3.2.0 → 5.2.4
- Replaced @intlify/vite-plugin-vue-i18n with @intlify/unplugin-vue-i18n
- Narrowed i18n include pattern to *.json to avoid parsing .mjs files
This resolves the esbuild moderate severity vulnerability that was
present in Vite <=6.1.6.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- @atproto/api (Bluesky): 0.11.2 → 0.18.21
- masto (Mastodon): 6.7.0 → 7.10.1
- twitter-api-v2: 1.18.1 → 1.29.0
threads-api left at 1.6.3 (no newer version available; vulnerable
axios dependency is a transitive issue in that package).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@sentry/node: 7.107.0 → 10.38.0
The project uses only Sentry.init() and Sentry.captureException(),
which are compatible across versions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Updated transitive dependencies to resolve 31 security vulnerabilities
including critical, high, and moderate severity issues. Remaining 9
vulnerabilities require breaking major version updates (vue-i18n, vite,
threads-api) which will be addressed separately. Also updated the
browserslist database.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
