From 109202246e6cf93f4b2cdf9bc8834c77511a250c Mon Sep 17 00:00:00 2001
From: Marcel <marcel@familienarchiv>
Date: Tue, 16 Jun 2026 09:16:58 +0200
Subject: [PATCH] fix(deps): bump vite 7.3.3 -> 7.3.5 to clear the
 high-severity audit gate

vite 7.3.3 carries two high-severity advisories (GHSA-v6wh-96g9-6wx3
NTLMv2 UNC disclosure, GHSA-fx2h-pf6j-xcff server.fs.deny bypass), both
flagged by the CI gate `npm audit --audit-level=high --omit=dev`. 7.3.5
is in-range of the existing `^7.3.3` constraint, so this is a
lockfile-only patch with no package.json change. Gate now exits 0.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---
 frontend/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index a98e0451..da2268c6 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -9515,9 +9515,9 @@
 			}
 		},
 		"node_modules/vite": {
-			"version": "7.3.3",
-			"resolved": "https://registry.npmjs.org/vite/-/vite-7.3.3.tgz",
-			"integrity": "sha512-/4XH147Ui7OGTjg3HbdWe5arnZQSbfuRzdr9Ec7TQi5I7R+ir0Rlc9GIvD4v0XZurELqA035KVXJXpR61xhiTA==",
+			"version": "7.3.5",
+			"resolved": "https://registry.npmjs.org/vite/-/vite-7.3.5.tgz",
+			"integrity": "sha512-KuOaNhcnGFN2zIPGA7wRmzF+lJA1sea7rHq17aiJ++9lzY1WWG6Jpwqwe1KNbRVPIqHmr8GLYx7jbrQcN/7/ww==",
 			"license": "MIT",
 			"dependencies": {
 				"esbuild": "^0.27.0",