Project: Vulnerability fixes #246

rokotyan · 2023-07-18T18:13:46Z

Security enhancements:

Manually updating deep dependencies in the package-lock.json to resolve the vulnerability warnings (it's an anti-pattern but we had to do it).
Fixing security issues in our code found by CodeQL.

npm audit results:

#0

Project: Updating dependencies to fix vulnerability warnings

82c49d7

#0

rokotyan marked this pull request as draft July 18, 2023 18:13

rokotyan added 3 commits July 18, 2023 16:38

Utils | Text: Sanitizing SVG code before parsing

061ec2d

#0

Utils: Fixing potential vulnerabilities

d1fbe68

#0

Workflows: Adding CodeQL

ccb9424

#0

rokotyan force-pushed the fix/vuln branch 5 times, most recently from a000902 to 015fb61 Compare July 19, 2023 22:20

Project: Updating license summary and esbuild

198a313

#0

rokotyan force-pushed the fix/vuln branch from 015fb61 to 198a313 Compare July 19, 2023 22:28

rokotyan requested a review from reb-dev July 19, 2023 22:28

rokotyan assigned reb-dev Jul 19, 2023

rokotyan added the enhancement New feature or request label Jul 19, 2023

rokotyan added this to the Release 1.2.1 milestone Jul 19, 2023

Dev: Updating vulnerable dependencies via npm audit fix

9d4236a

#0

rokotyan marked this pull request as ready for review July 19, 2023 22:38

rokotyan changed the title ~~Project: Updating dependencies to fix vulnerability warnings~~ Project: Vulnerability fixes Jul 20, 2023

reb-dev approved these changes Jul 20, 2023

View reviewed changes

rokotyan merged commit c32c077 into main Jul 24, 2023
3 checks passed

rokotyan mentioned this pull request Aug 22, 2023

Release: 1.2.1 #266

Merged

Provide feedback