feat: update dependencies to fix vulnerabilities and improve compatib… #13712
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ility Updated key dependencies, including @testing-library/*, eslint, prettier, jest, and puppeteer, to their latest versions. Resolved security vulnerabilities: Rollup (GHSA-gcx4-mw62-g8wm) Serialize-Javascript (GHSA-h9rv-jmmf-4pgx) Axios (GHSA-wf5p-g6vw-rhxx) Got (GHSA-pfrx-2q88-qq97) Lodash (GHSA-35jh-r3h4-6jhm) Ensured compatibility with monorepo structure and modern Node.js/NPM environments. Validated core scripts (build, start, and test) with updated dependencies.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request: Dependency Updates and Security Improvements
This PR updates the dependencies of the create-react-app project to address security vulnerabilities and improve compatibility with modern tooling. Below is a summary of the changes made:
Key Updates:
@testing-library/jest-dom: Updated to version 6.0.0.
@testing-library/react: Updated to version 14.0.0.
@testing-library/user-event: Updated to version 14.4.3.
eslint: Updated to version 8.57.0.
prettier: Updated to version 3.0.3.
jest: Updated to version 29.6.1.
puppeteer: Updated to version 21.0.2.
Additional dependency updates: lerna, husky, fs-extra, globby, and more.
Vulnerabilities Addressed:
This update resolves vulnerabilities as identified by tools like npm audit. Key vulnerabilities fixed include:
GHSA-gcx4-mw62-g8wm (Rollup)
GHSA-h9rv-jmmf-4pgx (Serialize-Javascript)
GHSA-wf5p-g6vw-rhxx (Axios)
GHSA-pfrx-2q88-qq97 (Got)
GHSA-35jh-r3h4-6jhm (Lodash)
Benefits:
Improved Security: Resolves vulnerabilities to ensure a safer dependency ecosystem.
Modern Compatibility: Aligns the project with the latest versions of dependencies for better support and features.
Enhanced Developer Experience: Streamlined scripts and tools using updated versions.
Testing:
The changes have been tested in the monorepo structure to ensure no disruptions in builds, tests, and scripts. The postinstall, build, and start scripts have been validated in the workspace environment.