The weekly Security workflow started failing after a critical advisory
was published for vitest <4.1.0 (arbitrary file read/execute via the
Vitest UI server). npm audit fix bumps vitest and @vitest/coverage-v8
to 4.1.x within existing semver ranges, plus a few moderate fixes
(yaml, flatted, etc.). No package.json changes.
Verified: npm audit reports 0 critical; vitest run 92 passed; vite
build succeeds.
- Fix prettier formatting across all P2P files
- Fix setState-in-useEffect by using useCallback pattern
- Add missing React import for keyboard event type
- Wrap fetch functions in useCallback for exhaustive-deps
- Single tx (applyForCitizenship) instead of 2-step setIdentity+applyForKyc
- Keccak-256 identity hash via js-sha3
- Referral code replaced with referrer SS58 address
- Success screen shows pending referral status instead of citizen ID
- Updated all 6 translation files with new keys
pezkuwichain