[#2142] Fix Vulnerabilities #2143
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ckcherry23
approved these changes
Mar 9, 2024
There was a problem hiding this comment.
LGTM, thanks for this! @sopa301
Would it be better to merge this after the Node 18 PR is merged?
|
I think so, the change in Node version may cause unexpected errors, and this PR isn't as high priority as the Node one. |
…42-fix-vulnerabilities
|
The following links are for previewing this pull request:
|
asdfghjkxd
added a commit
that referenced
this pull request
Apr 4, 2024
* [#2120] Update RepoSense contributors in documentation (#2138) The current About page on the RepoSense docs does not reflect the updated list of developers working on RepoSense. Let's move to update the list to more accurately reference the current developers of RepoSense. * [#2001] Extract c-zoom-commit-message component from views/c-zoom (#2132) Many of the frontend files are difficult to navigate through due to the large file sizes. As we add more features to the frontend, it is getting harder to maintain. This is also very unfriendly towards new contributors. Let us break down frontend files in a logical manner, continuing with extracting c-zoom-commit-message from views/c-zoom. * [#2142] Fix Vulnerabilities (#2143) Fix vulnerabilities in codebase. There are existing vulnerabilities in the codebase. Let's fix as many as possible. * Bump follow-redirects from 1.15.4 to 1.15.6 in /frontend (#2160) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) * Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /frontend (#2168) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) * [#2151] Update LoadingOverlay and Minor Versions of Node Dependencies (#2152) Update LoadingOverlay and Minor Versions of Node Dependencies Some dependencies are not at their latest minor or patch releases. Let's update these dependencies, as well as LoadingOverlay as part of a bug fix. * Factor out markdown parser * [#2109] Add search by tag functionality (#2167) Add search by tag functionality It can be useful to search author/repos by git tags. Let's add this functionality to make it easier to filter by tags. This commit also fixes a bug that existed in a previous version of the feature which resulted in all users being shown to belong to same group. * Refactor chunks * Fix style * Add parts of blurb * Fix linting * Fix style * Fix missing html parsing * Remove unused import --------- Co-authored-by: George Tay <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jonasongg <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #2142
Proposed commit message
Other information
@vue/cli-serviceis being put on maintenance mode. It might be worthwhile to migrate to the suggestedcreate-vueto keep dependencies updated.postcssandvue-loaderhad to be installed manually because@vue/cli-serviceis not updated with the fixed dependencies yet. These can be removed when@vue/cli-servicehas a similar update.