[Snyk] Security upgrade nuxt-og-image from 3.0.6 to 6.2.5

[kevin-benton]

Snyk has created this PR to fix 2 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Cross-site Scripting (XSS) SNYK-JS-NUXTOGIMAGE-15930636	229
	Allocation of Resources Without Limits or Throttling SNYK-JS-NUXTOGIMAGE-15930637	83

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Allocation of Resources Without Limits or Throttling

[kevin-benton]

This major upgrade from nuxt-og-image v3 to v6 introduces significant breaking changes, requiring code and configuration updates.

High Impact Changes (from v6.0.0)

• Component Renderer Suffix Required: All OG Image components must be renamed to include a renderer suffix in their filename (e.g., MyTemplate.satori.vue or MyTemplate.takumi.vue). This is a mandatory change for the module to detect the component renderer.
• Font Configuration Removed: The ogImage.fonts configuration has been removed. Font management is now handled by the @nuxt/fonts module, which must be installed separately. The module bundles a fallback font, so if you were only using 'Inter', you may be able to remove your font configuration entirely.
• Import Path Changes: The internal #nuxt-og-image-utils alias has been removed. Imports should be updated to use #og-image/shared. The import path for useOgImageRuntimeConfig has also changed.
• Nuxt Content v2 Support Dropped: Support for @nuxt/content v2 has been removed. You must upgrade to v3 or later if you use this integration.

Medium Impact Changes (from v5.0.0)

• Nuxt Version Requirement: nuxt-og-image v5 and later require Nuxt v3.16.0 or newer.

Recommendation:
This upgrade requires several manual steps. It is highly recommended to follow the official v5 to v6 migration guide. A migration CLI tool is also available to automate some of the changes:
npx nuxt-og-image migrate v6

Source: v6 Migration Guide, v6 Release Announcement

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.