Update vitest to 1.6.1 to address security vulnerability CVE-2025-24964

[guntherjh]

Hopefully this one is fairly straight forward. Our security team got alerted on a vulnerability in the version of vitest used. More information here. This PR bumps the version of vitest to 1.6.1.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 5f235d2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[eoghanmurray]

sorting things is admirable, but has the downside that it generates conflicts in other PRs, e.g. another PR I'm cherry-picking this on has removed the puppeteer dependency from here

[guntherjh]

Oh whoops. This wasn't done manually/intentionally. I think it may just be yarn appending the new version when the package was updated 🤔

[eoghanmurray]

Would it be possible to simplify? I think we'd need some process that automatically does this as part of existing processes e.g. prettier (yarn:format)

[guntherjh]

Yeah that's probably a good idea as a matter of standardization. I'm happy to look in to this, but will probably submit a separate PR for this work just to keep the concerns separated.