Context
From security audit (#114). Bun does not have a built-in npm audit equivalent. No automated vulnerability scanning is currently configured.
Action
- Enable GitHub Dependabot for the repository
- Or add a CI step that runs
npm audit in a Node.js environment
- Or configure
bun pm scan with a scanner plugin once available
Severity
Low — the dependency list is small and well-maintained, but automated scanning catches issues proactively.
Context
From security audit (#114). Bun does not have a built-in
npm auditequivalent. No automated vulnerability scanning is currently configured.Action
npm auditin a Node.js environmentbun pm scanwith a scanner plugin once availableSeverity
Low — the dependency list is small and well-maintained, but automated scanning catches issues proactively.