Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SELF-482: Fix loader-utils Vulnerability #538

Merged
merged 1 commit into from
Sep 4, 2024
Merged

SELF-482: Fix loader-utils Vulnerability #538

merged 1 commit into from
Sep 4, 2024

Conversation

NateWaldschmidt
Copy link
Contributor

@NateWaldschmidt NateWaldschmidt commented Sep 4, 2024
edited by jira bot
Loading

JIRA

Description

  • Resolves a security vulnerability caused by loader-utils
  • Tested npm run build, npm run storybook, and installing within another package locally

Reviewer Checklist

This section is to be filled out by reviewers

Testing

  • This code was tested by somebody other than the developer. Do not merge until this has been done.

@guardrails GuardRails
Copy link

guardrails bot commented Sep 4, 2024
edited
Loading

⚠️ We detected 3 security issues in this pull request:

Vulnerable Libraries (3)
Severity Details
Medium pkg:npm/[email protected] (t) upgrade to: > 8.19.0
High pkg:npm/[email protected] (t) upgrade to: > 1.53.0
High pkg:npm/[email protected] (t) upgrade to: > 3.1.6

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

NateWaldschmidt
NateWaldschmidt commented Sep 4, 2024
View reviewed changes
package.json
Comment on lines -93 to -94
"vue-loader": "^16.2.0",
"vue-style-loader": "^4.1.3",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are not being used

@NateWaldschmidt NateWaldschmidt force-pushed the SELF-482/fix-loader-utils-vulnerability branch from 23765fa to 12faea5 Compare September 4, 2024 18:32
@aws-amplify-us-west-2 AWS Amplify (us-west-2)
Copy link

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-538.d11k469e311m4w.amplifyapp.com

@NateWaldschmidt NateWaldschmidt force-pushed the SELF-482/fix-loader-utils-vulnerability branch from 12faea5 to c958f09 Compare September 4, 2024 18:43
@NateWaldschmidt NateWaldschmidt marked this pull request as ready for review September 4, 2024 18:59
@NateWaldschmidt NateWaldschmidt requested a review from a team as a code owner September 4, 2024 18:59
juanfriss
juanfriss approved these changes Sep 4, 2024
View reviewed changes
Copy link
Contributor

@juanfriss juanfriss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for fixing

@NateWaldschmidt NateWaldschmidt merged commit 3751c4b into main Sep 4, 2024
4 of 5 checks passed
@NateWaldschmidt NateWaldschmidt deleted the SELF-482/fix-loader-utils-vulnerability branch September 4, 2024 19:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juanfriss juanfriss juanfriss approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NateWaldschmidt @juanfriss