chore: bump @btst/stack to 2.8.1

[olliethedev]

Summary

• @btst/db version bump

Type of change

• Bug fix
• New plugin
• Feature / enhancement to an existing plugin
• Documentation
• Chore / refactor / tooling

Checklist

• pnpm build passes
• pnpm typecheck passes
• pnpm lint passes
• Tests added or updated (unit and/or E2E)
• Docs updated (docs/content/docs/) if consumer-facing types or behavior changed
• All three example apps updated if a plugin was added or changed
• New plugin: submission checklist in CONTRIBUTING.md completed

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
better-stack-docs	Ready	Preview, Comment	Mar 17, 2026 10:14pm

[cursor]

Security Review — No High-Confidence Vulnerabilities Found

PR scope: Pure dependency version bump — no application source code was modified.

What changed

Package	Old	New
@btst/stack	2.8.0	2.8.1
@btst/db	2.1.0	2.1.1
@btst/adapter-memory	2.1.0	2.1.1
@btst/adapter-drizzle	2.1.0	2.1.1
@btst/adapter-kysely	2.1.0	2.1.1
@btst/adapter-mongodb	2.1.0	2.1.1
@btst/adapter-prisma	2.1.0	2.1.1

All changes are version string updates in package.json files and the corresponding pnpm-lock.yaml resolution entries. No TypeScript, JavaScript, HTML, CSS, or configuration files outside of dependency manifests were touched.

Checklist results

• Injection / path traversal: No source code edits — not applicable.
• Authn/authz: No source code edits — not applicable.
• Secrets / token leakage: No secrets or credentials introduced.
• Unsafe deserialization / SSRF / XSS / CSRF: No source code edits — not applicable.
• Dependency / supply-chain risk: All bumped packages are first-party @btst/* packages owned by this organization. No third-party package versions changed. The pnpm-lock.yaml records SHA-512 integrity hashes for every new package version, ensuring the exact bytes fetched from the registry are verified by pnpm at install time.

Note

The actual source changes shipped inside the @btst/ npm packages (2.1.0 → 2.1.1) are not visible in this diff. A thorough supply-chain review should confirm that the newly published package tarballs were built from the expected commits in this repository and that the npm publish token was not compromised. The presence of correct integrity hashes in the lock file mitigates post-publication tampering.

  

_{Sent by Cursor Automation: Find vulnerabilities}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[github-actions]

✅ Shadcn registry validated — no registry changes detected.