[frontend] Fix vulnerabilities reported by npm audit #3524
Merged
Commits on Nov 1, 2023
-
[frontend] Fix vulnerabilities reported by npm audit
The following packages were automatically upgraded to safe versions by running "npm audit fix": adobe/css-tools <4.3.1 Severity: moderate Regular Expression Denial of Service (ReDOS) while Parsing CSS - GHSA-hpx4-r86g-5jrg @babel/traverse <7.23.2 Severity: critical Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code - GHSA-67hx-6x53-jw92 json5 <1.0.2 Severity: high Prototype Pollution in JSON5 via Parse Method - GHSA-9c47-m6qq-7p4h postcss <8.4.31 Severity: moderate PostCSS line return parsing error - GHSA-7fh5-64p2-3v2j semver <5.7.2 || >=7.0.0 <7.5.2 Severity: moderate semver vulnerable to Regular Expression Denial of Service - GHSA-c2qf-rxjj-qqgw
Commits on Nov 3, 2023
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.