Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

upgrades postcss to address https://www.npmjs.com/advisories/1094239 #4063

Merged
merged 1 commit into from
Oct 4, 2023

Conversation

enekofb
Copy link
Contributor

@enekofb enekofb commented Oct 4, 2023

What changed?
upgrade postcss to fix found vulnerability

Why was this change made?

➜  weave-gitops git:(main) make ui-audit                                                                                                                                                                                                                                                                                
yarn audit --production
yarn audit v1.22.19
warning ../../../../package.json: No license field
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate      │ PostCSS line return parsing error                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=8.4.31                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1094239                     │
└───────────────┴──────────────────────────────────────────────────────────────┘
1 vulnerabilities found - Packages audited: 975
Severity: 1 Moderate

How was this change implemented?

How did you validate the change?

Run it locally and UI looks functional

Screenshot 2023-10-04 at 13 49 39

Release notes

Documentation Changes

@enekofb enekofb added the type/enhancement New feature or request label Oct 4, 2023
@enekofb enekofb changed the title upgrades postcss to fix https://www.npmjs.com/advisories/1094239 … upgrades postcss to address https://www.npmjs.com/advisories/1094239 Oct 4, 2023
@enekofb enekofb marked this pull request as ready for review October 4, 2023 12:39
@enekofb enekofb merged commit c7674d2 into main Oct 4, 2023
21 checks passed
@enekofb enekofb deleted the fix-postcss-vulnerability branch October 4, 2023 12:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type/enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants