[Snyk] Security upgrade vitest from 4.0.18 to 4.1.0

[snyk-io]

Snyk has created this PR to fix 1 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• packages/better-auth/package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Missing Authorization SNYK-JS-VITEST-17120326	735

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Missing Authorization

[snyk-io]

This is a minor version upgrade for vitest from 4.0.18 to 4.1.0. According to the official release notes, this version introduces new features and bug fixes without any documented breaking changes.

Key Changes:

• New Features: This release adds support for Vite 8, introduces test tags for better test organization, adds new aroundAll and aroundEach hooks, and includes a new --detect-async-leaks flag to help identify memory leaks in tests.
• Deprecations: Some internal entry points and unused matcher context types have been deprecated and will be removed in a future major version. These changes should not impact current test suites but serve as a notice for future updates.
• No Breaking Changes: The update follows semantic versioning, and no breaking API changes have been cited for this minor release.

Recommendation:
No immediate action is required. This is considered a safe upgrade.

Source: Vitest v4.1.0 Release Notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[hivel-marco]

PR Complexity Score: 1.2 - Trivial

View Breakdown

• Lines Changed: 2
• Files Changed: 1
• Complexity Added: 0
• Raw Score: 3.04

Overview

This PR updates the Vitest dependency version in the better-auth package.
The goal is to keep the testing framework up-to-date with the latest minor release and associated fixes or improvements.

Key Changes

• Bumps vitest from version ^4.0.18 to ^4.1.0 in packages/better-auth/package.json to align with the newer minor release and its enhancements.

Risks & Considerations

• Minor version upgrades can introduce subtle behavior changes in the test runner; existing tests should be run to confirm no regressions.
• Any breaking changes or deprecations in Vitest 4.1.0 (if present despite semantic versioning guarantees) may affect custom test setups or plugins.

File-level change summary

File	Change summary
packages/better-auth/package.json	Updated the vitest dev dependency from ^4.0.18 to ^4.1.0.