Skip to content

upgrades postcss to address https://www.npmjs.com/advisories/1094239#4063

Merged
enekofb merged 1 commit intomainfrom
fix-postcss-vulnerability
Oct 4, 2023
Merged

upgrades postcss to address https://www.npmjs.com/advisories/1094239#4063
enekofb merged 1 commit intomainfrom
fix-postcss-vulnerability

Conversation

@enekofb
Copy link
Copy Markdown
Contributor

@enekofb enekofb commented Oct 4, 2023
edited
Loading

What changed?
upgrade postcss to fix found vulnerability

Why was this change made?

➜  weave-gitops git:(main) make ui-audit                                                                                                                                                                                                                                                                                
yarn audit --production
yarn audit v1.22.19
warning ../../../../package.json: No license field
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate      │ PostCSS line return parsing error                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=8.4.31                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ postcss                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1094239                     │
└───────────────┴──────────────────────────────────────────────────────────────┘
1 vulnerabilities found - Packages audited: 975
Severity: 1 Moderate

How was this change implemented?

How did you validate the change?

Run it locally and UI looks functional

Screenshot 2023-10-04 at 13 49 39

Release notes

Documentation Changes

@enekofb enekofb added the type/enhancement New feature or request label Oct 4, 2023
@enekofb enekofb changed the title upgrades postcss to fix https://www.npmjs.com/advisories/1094239 … upgrades postcss to address https://www.npmjs.com/advisories/1094239 Oct 4, 2023
@enekofb enekofb marked this pull request as ready for review October 4, 2023 12:39
@enekofb enekofb merged commit c7674d2 into main Oct 4, 2023
@enekofb enekofb deleted the fix-postcss-vulnerability branch October 4, 2023 12:50
@weave-gitops-bot weave-gitops-bot mentioned this pull request Oct 11, 2023
Merged
@weave-gitops-bot weave-gitops-bot mentioned this pull request Jan 2, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yiannistri yiannistri yiannistri approved these changes

Assignees

No one assigned

Labels

type/enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@enekofb @yiannistri