Skip to content

fix(fixtures): update fixtures to latest Zero usage#265

Open
Gerbuuun wants to merge 5 commits into
mainfrom
codex/vue-fixture-server
Open

fix(fixtures): update fixtures to latest Zero usage#265
Gerbuuun wants to merge 5 commits into
mainfrom
codex/vue-fixture-server

Conversation

@Gerbuuun

@Gerbuuun Gerbuuun commented Jul 8, 2026

Copy link
Copy Markdown
Collaborator

The fixtures did run but didn't work because they were very outdated:

  • Zero now requires a server which is added to the Vue fixture
  • Moved shared query and mutator definitions into the _shared folder
  • userID no longer needs to be anon when unauthenticated
  • Given the compose project a name for discoverability in docker
  • Updated postgres volume path because otherwise postgres >18 wouldn't start

@Gerbuuun Gerbuuun force-pushed the codex/vue-fixture-server branch 2 times, most recently from 8d802e7 to 3220c1d Compare July 8, 2026 11:00
@Gerbuuun Gerbuuun force-pushed the codex/vue-fixture-server branch 2 times, most recently from 9df8291 to ac1bff9 Compare July 8, 2026 12:16
@socket-security

socket-security Bot commented Jul 8, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedhappy-dom@​20.10.6661008895100
Addedvite@​8.1.3981008298100
Addedvue-tsc@​3.3.61001009297100
Addednuxt@​4.4.89810010094100
Addedknip@​6.25.0991009596100

View full report

@socket-security

socket-security Bot commented Jul 8, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm happy-dom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/happy-dom@20.10.6

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/happy-dom@20.10.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm yargs is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@rocicorp/zero@1.6.2npm/yargs@17.7.3

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/yargs@17.7.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@Gerbuuun Gerbuuun force-pushed the codex/vue-fixture-server branch from ac1bff9 to c656d13 Compare July 8, 2026 12:18
@Gerbuuun Gerbuuun force-pushed the codex/vue-fixture-server branch from c656d13 to 61879fe Compare July 8, 2026 12:31
@Gerbuuun Gerbuuun requested a review from danielroe July 8, 2026 13:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant