Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need to override nth-check to 2.0.1 #13228

Closed
wants to merge 5 commits into from
Closed

Need to override nth-check to 2.0.1 #13228

wants to merge 5 commits into from

Conversation

dave9123
Copy link

@dave9123 dave9123 commented Jun 11, 2023
edited

Fixes #11174, #13186, #13227 thanks to #12132 (comment) by @GlennVialli and @FernandoPerezLara

When running npm audit, this message shows:
image

And after modifying it to version 8.0.1, it shows:
image

@pheeblyboos
Copy link

I think you also need to commit the package-lock otherwise the pipelines will fail. See the ADO logs:
image

@dave9123
Copy link
Author

Forgot about it, but why don't package-lock.json be hidden instead?

@pheeblyboos
Copy link

Hidden? You mean ignored? No it is best practice to update and commit your package-lock.json when you update your package.json to create a consistent and reproducible tree for your node modules.

@dave9123
Copy link
Author

Workflow fails for some reason

@dave9123
Copy link
Author

dave9123 commented Jun 12, 2023
edited

Seems like some workbox-webpack-plugin dependencies got depreciated

@dave9123 dave9123 changed the title Fixed the vulnerability message due to an issue with @svgr/webpack Fixed the vulnerability message due to an issue with some dependencies Jun 12, 2023
@dave9123
Copy link
Author

dave9123 commented Jun 12, 2023
edited

@babel/babel ended support for NodeJS 14

@JJeris
Copy link

JJeris commented Jul 18, 2023

Fixes #11174, #13186, #13227 thanks to #12132 (comment) by @GlennVialli and @FernandoPerezLara

When running npm audit, this message shows: image

And after modifying it to version 8.0.1, it shows: image
And after modifying it to version 8.0.1, it shows:

Modifying what exactly?

@dave9123 dave9123 changed the title Fixed the vulnerability message due to an issue with some dependencies Need to override nth-check to 2.0.1 Jul 18, 2023
@dave9123 dave9123 closed this Jul 18, 2023
@BagchiMB
Copy link

Hi @dave9123 sorry I don't understand but why did you close this PR? This is a valid fix right?

@dave9123
Copy link
Author

Nope, another issue with postcss

@dave9123
Copy link
Author

Gotta do both nth-check and postcss

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
CLA Signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Help, npm audit says I have a vulnerability in react-scripts!
5 participants
@dave9123 @pheeblyboos @JJeris @BagchiMB @facebook-github-bot