@lorainegarutti commented Feb 21, 2023

Upgrading package dependencies.

Note: @PauloGoncalvesBH I'm bumping the project patch version to justify the chore upgrade. Let me know what you think!

Before:

48 vulnerabilities (1 low, 16 moderate, 25 high, 6 critical)

After:

npm audit
# npm audit report

nth-check  <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/svgo/node_modules/css-select
    svgo  1.0.0 - 1.3.2
    Depends on vulnerable versions of css-select
    node_modules/svgo
      @svgr/plugin-svgo  <=5.5.0
      Depends on vulnerable versions of svgo
      node_modules/@svgr/plugin-svgo
        @svgr/webpack  4.0.0 - 5.5.0
        Depends on vulnerable versions of @svgr/plugin-svgo
        node_modules/@svgr/webpack
          react-scripts  >=2.1.4
          Depends on vulnerable versions of @svgr/webpack
          node_modules/react-scripts

6 high severity vulnerabilities

which could be considered a "false alarm"

@lorainegarutti force-pushed the update-packages-versions branch from 4b93d72 to 491cb4a, February 21, 2023 02:32
@lorainegarutti force-pushed the update-packages-versions branch from 491cb4a to e938e87, February 21, 2023 02:44
@PauloGoncalvesBH self-requested a review, February 27, 2023 15:59
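
An added example, not part of the original comment or the project's code: a triage helper that collapses an `npm audit --json` report (auditReportVersion 2) into the advisories that actually cause the findings, showing that the six remaining "high" entries above trace back to one advisory through one dependency chain. The `report` object is constructed to mirror the tree in the comment; marking `react-scripts` as a direct dependency is an assumption, and `rootAdvisories` and `summarize` are names chosen here.

```javascript
// Constructed sample shaped like `npm audit --json` output, mirroring the chain above.
// Only the fields the helper reads are included; isDirect on react-scripts is assumed.
const report = {
  auditReportVersion: 2,
  vulnerabilities: {
    "nth-check": { severity: "high", isDirect: false, effects: ["css-select"],
      via: [{ name: "nth-check", range: "<2.0.1",
              url: "https://github.com/advisories/GHSA-rp65-9cf3-cjxr" }] },
    "css-select": { severity: "high", isDirect: false, via: ["nth-check"], effects: ["svgo"] },
    "svgo": { severity: "high", isDirect: false, via: ["css-select"], effects: ["@svgr/plugin-svgo"] },
    "@svgr/plugin-svgo": { severity: "high", isDirect: false, via: ["svgo"], effects: ["@svgr/webpack"] },
    "@svgr/webpack": { severity: "high", isDirect: false, via: ["@svgr/plugin-svgo"], effects: ["react-scripts"] },
    "react-scripts": { severity: "high", isDirect: true, via: ["@svgr/webpack"], effects: [] },
  },
};

// Follow "via" links from a package down to the advisory URLs that cause its finding.
// A string entry in "via" names another vulnerable package; an object is an advisory.
function rootAdvisories(vulns, name, seen = new Set()) {
  if (seen.has(name) || !vulns[name]) return [];
  seen.add(name);
  return vulns[name].via.flatMap((v) =>
    typeof v === "string" ? rootAdvisories(vulns, v, seen) : [v.url]);
}

// Group every reported package under the advisory it ultimately traces back to,
// and record which of those packages the project depends on directly.
function summarize(auditReport) {
  const byAdvisory = new Map();
  const vulns = auditReport.vulnerabilities;
  for (const [name, v] of Object.entries(vulns)) {
    for (const url of new Set(rootAdvisories(vulns, name))) {
      const entry = byAdvisory.get(url) ?? { packages: [], direct: [] };
      entry.packages.push(name);
      if (v.isDirect) entry.direct.push(name);
      byAdvisory.set(url, entry);
    }
  }
  return byAdvisory;
}

const summary = summarize(report);
for (const [url, { packages, direct }] of summary) {
  console.log(`${url}\n  packages affected: ${packages.length}\n  enters via: ${direct.join(", ")}`);
}
```

The direct dependency listed under "enters via" is the package to review when deciding whether the finding is reachable in what the project ships.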