Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upgrades postcss to address https://www.npmjs.com/advisories/1094239 #4063

Merged
merged 1 commit into from
Oct 4, 2023
Merged

upgrades postcss to address https://www.npmjs.com/advisories/1094239 #4063

merged 1 commit into from
Oct 4, 2023

Conversation

enekofb
Copy link
Contributor

@enekofb enekofb commented Oct 4, 2023
edited
Loading

What changed?
upgrade postcss to fix found vulnerability

Why was this change made?

➜  weave-gitops git:(main) make ui-audit                                                                                                                                                                                                                                                                                
yarn audit --production
yarn audit v1.22.19
warning ../../../../package.json: No license field
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate      │ PostCSS line return parsing error                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=8.4.31                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1094239                     │
└───────────────┴──────────────────────────────────────────────────────────────┘
1 vulnerabilities found - Packages audited: 975
Severity: 1 Moderate

How was this change implemented?

How did you validate the change?

Run it locally and UI looks functional

Screenshot 2023-10-04 at 13 49 39

Release notes

Documentation Changes

@enekofb enekofb added the type/enhancement New feature or request label Oct 4, 2023
@enekofb enekofb changed the title upgrades postcss to fix https://www.npmjs.com/advisories/1094239 … upgrades postcss to address https://www.npmjs.com/advisories/1094239 Oct 4, 2023
@enekofb enekofb marked this pull request as ready for review October 4, 2023 12:39
@enekofb enekofb merged commit c7674d2 into main Oct 4, 2023
22 checks passed
@enekofb enekofb deleted the fix-postcss-vulnerability branch October 4, 2023 12:50
@weave-gitops-bot weave-gitops-bot mentioned this pull request Oct 11, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yiannistri yiannistri yiannistri approved these changes

Assignees
No one assigned
Labels
type/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@enekofb @yiannistri