[Snyk] Security upgrade vectordb from 0.4.20 to 0.21.2

[sestinj]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• binary/package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Unintended Proxy or Intermediary ('Confused Deputy') SNYK-JS-AXIOS-15965856	848

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

---

Summary by cubic

Upgrade vectordb from 0.4.20 to 0.21.2 to remediate a critical transitive axios vulnerability and harden the binary build.

• Dependencies
  • Updated binary/package.json: vectordb 0.4.20 → 0.21.2.
  • Fixes SNYK-JS-AXIOS-15965856 (Confused Deputy) via transitive axios upgrade.

^{Written for commit e456cb1. Summary will update on new commits.}

[continue]

Documentation Review

No documentation updates needed for this PR.

Reason: This is an internal security patch that upgrades the vectordb dependency to address a transitive axios vulnerability (SNYK-JS-AXIOS-15965856). The change:

• Only affects binary/package.json
• Doesn't introduce new features, configuration options, or API changes
• Doesn't change any user-facing behavior

Dependency version bumps for security fixes don't require documentation updates since users don't directly interact with or configure this internal dependency.

[cubic-dev-ai]

No issues found across 1 file