@onlyjackfrost onlyjackfrost commented Oct 30, 2025

Summary by CodeRabbit

  • Chores
    • Updated package resolution configuration for internal dependency management.

coderabbitai bot commented Oct 30, 2025

Walkthrough

Added a new package resolution entry "tmp": "0.2.4" to the resolutions section in wren-ui/package.json. This pins the tmp package to version 0.2.4, with a minor formatting adjustment to the surrounding configuration.

Changes

Cohort / File(s) | Summary
Package Resolution Configuration: wren-ui/package.json | Added "tmp": "0.2.4" to the resolutions section to pin the tmp package version.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

  • Single-line addition to a configuration file with no logic or dependency implications requiring verification

Suggested reviewers

  • wwwy3y3
  • fredalai

Poem

🐰 A tiny tmp resolved with care,
Version point-two, point-four so fair,
In resolutions, we now declare,
Consistency locked in package air! 📦✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name | Status | Explanation | Resolution
Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name | Status | Explanation
Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check | ✅ Passed | The pull request title "chore(wren-ui): fix dependency issue 96; upgrade tmp library to 0.2.4" is fully related to the main change in the changeset. It accurately describes the primary modification, which is adding a resolution entry for the tmp library version 0.2.4 to wren-ui/package.json. The title is concise, uses conventional commit format, and clearly communicates both the scope (wren-ui) and the specific action (dependency upgrade to fix issue 96). A teammate scanning the repository history would immediately understand the purpose and impact of this change.

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0424696 and f3f0534.

⛔ Files ignored due to path filters (1)
  • wren-ui/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • wren-ui/package.json (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Analyze (go)
🔇 Additional comments (1)
wren-ui/package.json (1)

100-101: tmp@0.2.4 pins a critical security patch.

The added resolution correctly pins tmp to version 0.2.4, which fixes CVE-2025-54798—a symlink-based arbitrary file/directory write vulnerability in earlier versions. This is an appropriate and recommended security upgrade.


@wwwy3y3 wwwy3y3 merged commit 005d1a6 into main Nov 3, 2025
6 checks passed
@wwwy3y3 wwwy3y3 deleted the chore/depend-bot-96 branch November 3, 2025 12:18
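
Because wren-ui/yarn.lock was excluded from this review, one way to confirm the resolution took effect is to scan the lockfile for tmp entries that still resolve below 0.2.4. This is an added example, not code from the PR or the project; `findStaleTmp` and the sample lockfile text are constructed for illustration.

```javascript
// Added example: flag yarn.lock entries for `tmp` resolved below the pinned 0.2.4.
const PATCHED = [0, 2, 4]; // version pinned by the resolutions entry in this PR

// True when dotted version string v is lower than the [major, minor, patch] floor.
function isBelow(v, floor) {
  const parts = v.split('.').map((n) => parseInt(n, 10));
  for (let i = 0; i < 3; i++) {
    if ((parts[i] || 0) !== floor[i]) return (parts[i] || 0) < floor[i];
  }
  return false;
}

// Accepts both lockfile layouts: classic (`version "x"`) and berry (`version: x`).
function findStaleTmp(lockText) {
  const stale = [];
  let header = null;
  for (const line of lockText.split(/\r?\n/)) {
    if (/^\S.*:$/.test(line)) {
      // Entry header, e.g. `tmp@^0.0.33:` or `"tmp@npm:^0.2.1":`
      const keys = line.slice(0, -1).split(',').map((k) => k.trim().replace(/"/g, ''));
      // Match the exact package name so tmp-promise or @types/tmp are ignored.
      header = keys.some((k) => /^tmp@/.test(k)) ? keys.join(', ') : null;
    } else if (header) {
      const m = line.match(/^\s+version:?\s+"?(\d+\.\d+\.\d+)/);
      if (m) {
        if (isBelow(m[1], PATCHED)) stale.push({ entry: header, version: m[1] });
        header = null;
      }
    }
  }
  return stale;
}

// Constructed sample lockfile fragments (not taken from the repository).
const BEFORE = [
  '# constructed sample, classic layout',
  'tmp@^0.0.33:',
  '  version "0.0.33"',
  '',
  'tmp-promise@^3.0.2:',
  '  version "3.0.2"',
].join('\n');
const AFTER = ['"tmp@npm:0.2.4":', '  version: 0.2.4'].join('\n');

console.log('before:', findStaleTmp(BEFORE));
console.log('after:', findStaleTmp(AFTER));
```

In CI the same function can be fed the real lockfile contents and the job failed when the returned list is non-empty.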