-
Notifications
You must be signed in to change notification settings - Fork 154
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[#2142] Fix Vulnerabilities #2143
[#2142] Fix Vulnerabilities #2143
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for this! @sopa301
Would it be better to merge this after the Node 18 PR is merged?
I think so, the change in Node version may cause unexpected errors, and this PR isn't as high priority as the Node one. |
…42-fix-vulnerabilities
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, nice job
The following links are for previewing this pull request:
|
* [#2120] Update RepoSense contributors in documentation (#2138) The current About page on the RepoSense docs does not reflect the updated list of developers working on RepoSense. Let's move to update the list to more accurately reference the current developers of RepoSense. * [#2001] Extract c-zoom-commit-message component from views/c-zoom (#2132) Many of the frontend files are difficult to navigate through due to the large file sizes. As we add more features to the frontend, it is getting harder to maintain. This is also very unfriendly towards new contributors. Let us break down frontend files in a logical manner, continuing with extracting c-zoom-commit-message from views/c-zoom. * [#2142] Fix Vulnerabilities (#2143) Fix vulnerabilities in codebase. There are existing vulnerabilities in the codebase. Let's fix as many as possible. * Bump follow-redirects from 1.15.4 to 1.15.6 in /frontend (#2160) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) * Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /frontend (#2168) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) * [#2151] Update LoadingOverlay and Minor Versions of Node Dependencies (#2152) Update LoadingOverlay and Minor Versions of Node Dependencies Some dependencies are not at their latest minor or patch releases. Let's update these dependencies, as well as LoadingOverlay as part of a bug fix. * Factor out markdown parser * [#2109] Add search by tag functionality (#2167) Add search by tag functionality It can be useful to search author/repos by git tags. Let's add this functionality to make it easier to filter by tags. This commit also fixes a bug that existed in a previous version of the feature which resulted in all users being shown to belong to same group. * Refactor chunks * Fix style * Add parts of blurb * Fix linting * Fix style * Fix missing html parsing * Remove unused import --------- Co-authored-by: George Tay <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jonasongg <[email protected]>
Fixes #2142
Proposed commit message
Other information
@vue/cli-service
is being put on maintenance mode. It might be worthwhile to migrate to the suggestedcreate-vue
to keep dependencies updated.postcss
andvue-loader
had to be installed manually because@vue/cli-service
is not updated with the fixed dependencies yet. These can be removed when@vue/cli-service
has a similar update.