Describe the bug
npm audit of code using v4.5.1 (current as of this bug report) of sveltekit-adapter-aws reveals that it depends on @sveltejs/kit < 1.15.1, which has reported vulnerabilities.
To Reproduce
Steps to reproduce the behavior:
In an existing project that uses sveltekit-adapter-aws v4.5.1, type npm audit
Observe the report.
Expected behavior
No vulnerabilities associated with sveltekit-adapter-aws
Screenshots
$ npm audit
# npm audit report
@sveltejs/kit <1.15.1
Severity: high
SvelteKit vulnerable to Cross-Site Request Forgery - https://github.com/advisories/GHSA-5p75-vc5g-8rv2
No fix available
node_modules/@sveltejs/kit
node_modules/sveltekit-adapter-aws/node_modules/@sveltejs/kit
sveltekit-adapter-aws *
Depends on vulnerable versions of @sveltejs/kit
node_modules/sveltekit-adapter-aws
2 high severity vulnerabilities
Desktop (please complete the following information):
OS: Linux (Manjaro, current rolling)
Browser: Firefox
Version: 111.0.1
Additional context
I am not sure if it's as serious as it seems, given the cited vulnerability involves CSRF which might not be applicable to this project, but it does make for a bit of noise when you're trying to keep things cleaned up, security-wise.
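Added example, not part of the original report or of the project's code: the report above lists two high-severity entries, and this script reads the same data in the `npm audit --json` layout (auditReportVersion 2) to show which entry carries the advisory, which one only inherits it, and which install paths are nested copies. The `sampleReport` object is constructed from the text report above, and `triage` is a hypothetical helper name.

```javascript
// Constructed sample in the shape of `npm audit --json` (auditReportVersion 2),
// filled in from the text report above. Only the fields used here are included.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    "@sveltejs/kit": {
      name: "@sveltejs/kit",
      severity: "high",
      via: [{
        title: "SvelteKit vulnerable to Cross-Site Request Forgery",
        url: "https://github.com/advisories/GHSA-5p75-vc5g-8rv2",
        range: "<1.15.1",
      }],
      effects: ["sveltekit-adapter-aws"],
      nodes: [
        "node_modules/@sveltejs/kit",
        "node_modules/sveltekit-adapter-aws/node_modules/@sveltejs/kit",
      ],
    },
    "sveltekit-adapter-aws": {
      name: "sveltekit-adapter-aws",
      severity: "high",
      via: ["@sveltejs/kit"],
      effects: [],
      nodes: ["node_modules/sveltekit-adapter-aws"],
    },
  },
};

// For each entry: advisories filed against the package itself (object `via`),
// packages it inherits the finding from (string `via`), and install paths split
// into top-level copies and copies nested under another package.
function triage(report) {
  return Object.values(report.vulnerabilities).map((v) => {
    const nested = v.nodes.filter(
      (p) => p.indexOf("node_modules/") !== p.lastIndexOf("node_modules/"));
    return {
      name: v.name,
      severity: v.severity,
      advisories: v.via.filter((x) => typeof x === "object").map((x) => x.url),
      inheritedFrom: v.via.filter((x) => typeof x === "string"),
      topLevel: v.nodes.filter((p) => !nested.includes(p)),
      nested,
    };
  });
}

console.log(JSON.stringify(triage(sampleReport), null, 2));
```

On a real project, replace `sampleReport` with the parsed output of `npm audit --json`.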