fix(security): resolve miniflare and undici vulnerabilities

[Rayhan1967]

Description

This Pull Request addresses and resolves security vulnerabilities flagged by npm audit. The identified vulnerabilities were traced back to the undici dependency, which was being pulled in via jest-environment-miniflare.

After evaluating the test suite, it was determined that jest-environment-miniflare is no longer required as the primary test environment. By removing this package, we can rely entirely on the standard jest Node testing configuration. This change effectively eliminates the nested vulnerabilities without impacting the integrity of the test suite.

Testing

The following checks have been performed locally to ensure stability:

• Dependencies installed successfully (npm install).
• Project builds without errors (npm run build).
• TypeScript compiler passes cleanly (npm run typecheck).
• All 613 unit tests passed successfully (npm run test).
• Security audit (npm audit) now reports 0 vulnerabilities.

[greptile-apps]

Greptile Summary

This PR removes the deprecated jest-environment-miniflare (v2) package and bumps miniflare from ^4.20251004.0 to ^4.20260302.0. The primary motivation is to eliminate the vulnerable transitive dependency on undici 5.28.4 that was pulled in by jest-environment-miniflare. The updated miniflare now resolves to undici 7.18.2. Since jest-environment-miniflare was never actually configured as a test environment (jest uses testEnvironment: 'node' in jest.config.cjs), removing it has no effect on the test suite.

• Removed deprecated jest-environment-miniflare v2.14.4 (was pulling vulnerable undici 5.28.4)
• Bumped miniflare to ^4.20260302.0 (still used by scripts/ecosystem-check.ts for Cloudflare Worker compatibility testing)
• Removed jest-environment-miniflare/globals from tsconfig.json types
• Added skipLibCheck: true to tsconfig.json — this is a broad setting that disables type checking of all .d.ts files and could mask future type issues

Confidence Score: 4/5

• This PR is safe to merge — it removes a deprecated, vulnerable dev dependency with no runtime impact
• The dependency removal is clean and well-scoped. jest-environment-miniflare was unused in the actual jest config, so removing it has no functional impact. The only concern is the addition of skipLibCheck: true which, while not a bug, is a broad type-checking relaxation that could hide issues in the future.
• tsconfig.json — the skipLibCheck: true addition deserves a closer look to determine if it's truly necessary

Important Files Changed

Filename	Overview
package.json	Removes deprecated jest-environment-miniflare and bumps miniflare from ^4.20251004.0 to ^4.20260302.0, resolving vulnerable undici 5.28.4 transitive dependency.
tsconfig.json	Removes jest-environment-miniflare/globals type reference. Adds skipLibCheck: true which could mask future type errors. Missing trailing newline.
package-lock.json	Lockfile regenerated; removes jest-environment-miniflare and its transitive undici 5.28.4 dependency tree. miniflare now resolves undici 7.18.2.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[package.json devDependencies] --> B{jest-environment-miniflare v2}
    A --> C{miniflare ^4.20251004.0}
    B -->|transitive dep| D[undici 5.28.4 - VULNERABLE]
    C -->|transitive dep| D
    
    A2[package.json devDependencies - AFTER] --> C2{miniflare ^4.20260302.0}
    C2 -->|transitive dep| E[undici 7.18.2 - FIXED]
    
    style B fill:#ff6b6b,stroke:#c92a2a,color:#fff
    style D fill:#ff6b6b,stroke:#c92a2a,color:#fff
    style C2 fill:#51cf66,stroke:#2b8a3e,color:#fff
    style E fill:#51cf66,stroke:#2b8a3e,color:#fff

Loading

_{Last reviewed commit: c46189e}

[greptile-apps]

_{3 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

skipLibCheck may mask type errors

Adding skipLibCheck: true disables type-checking of all .d.ts files, including those from dependencies. While this may have been needed to resolve type conflicts after removing jest-environment-miniflare/globals, it's a broad escape hatch that can hide legitimate type incompatibilities between your code and its dependencies in the future.

Was skipLibCheck added to work around a specific type error? If so, it may be worth documenting what that error was (e.g., in a code comment), so future maintainers understand why it's there. If tsc --noEmit passes without skipLibCheck, consider removing it.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

[greptile-apps]

Missing trailing newline

The file is missing a trailing newline. Most editors and linters expect files to end with a newline character (POSIX convention), and this will show up as a diff noise in future PRs.

Suggested change

	}
	}

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}