Skip to content
This repository has been archived by the owner on Nov 7, 2024. It is now read-only.

upgrade and modify dependencies structure #86

Merged
merged 3 commits into from
Mar 13, 2024
Merged

upgrade and modify dependencies structure #86

merged 3 commits into from
Mar 13, 2024

Conversation

raylrui
Copy link
Contributor

@raylrui raylrui commented Mar 12, 2024

Defects fixing:

  1. Take react-scripts, and move it to devDependencies, reference here.
  2. Upgrade all mui and emotion packages to latest version, as it fix some vulnerabilities in recent upgrade.
  3. Upgrade react and testing-library packages and web-vitals to latest version, to fix known vulnerabilities in npm audit.
  4. ""react-refresh" issue after upgrade: overriding to version 0.11.0 work for the specific version missing, reference here.

Testing:

  1. npm audit will still have two defects, but moderate and no critical and high risks.
    nth-check <2.0.1, postcss <8.4.31 which are all vulnerabilities during build/development phase, not in production.
  2. run npm audit --production rather than npm audit, 0 vulnerabilities.

@raylrui raylrui linked an issue Mar 12, 2024 that may be closed by this pull request
Dependencies vulnerabilities fix (Alerts from Dependabot scan) #85
Closed
victorskl
victorskl approved these changes Mar 12, 2024
View reviewed changes
Copy link
Member

@victorskl victorskl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@raylrui
Copy link
Contributor Author

raylrui commented Mar 13, 2024

LGTM!

Thanks. And just make some update to fix some warnings in console after the upgrade.

williamputraintan
williamputraintan approved these changes Mar 13, 2024
View reviewed changes
Copy link
Member

@williamputraintan williamputraintan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM too! 👍

@raylrui raylrui merged commit 784d69d into dev Mar 13, 2024
1 check passed
@williamputraintan williamputraintan mentioned this pull request Mar 13, 2024
Merged
@raylrui raylrui linked an issue Mar 14, 2024 that may be closed by this pull request
Nodejs version upgrade #93
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@williamputraintan williamputraintan williamputraintan approved these changes

@victorskl victorskl victorskl approved these changes

Assignees

@raylrui raylrui

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Nodejs version upgrade Dependencies vulnerabilities fix (Alerts from Dependabot scan)
3 participants
@raylrui @victorskl @williamputraintan