Skip to content

fix: npm security vulnerabilities#7185

Merged
kyle-ssg merged 10 commits intorefactor/esmfrom
fix/security-vulnerabilities
Apr 8, 2026
Merged

fix: npm security vulnerabilities#7185
kyle-ssg merged 10 commits intorefactor/esmfrom
fix/security-vulnerabilities

Conversation

@kyle-ssg
Copy link
Copy Markdown
Member

@kyle-ssg kyle-ssg commented Apr 8, 2026
edited
Loading

Thanks for submitting a PR! Please check the boxes below:

  • I have read the Contributing Guide.
  • I have added information to docs/ if required so people know about the feature.
  • I have filled in the "Changes" section below.
  • I have filled in the "How did you test this code" section below.

Changes

Note: I've branched from the feat/rspack branch since this adjusts dependencies and lock quite a bit.

How did you test this code?

  • builds / e2e

kyle-ssg and others added 9 commits April 8, 2026 13:24
@kyle-ssg
Remove unused dependencies
7b60519
@kyle-ssg
Add rspack
f3874dc
@kyle-ssg
Remove warnings / add webpack peer dep for sentry plugin
63a116e
@kyle-ssg @claude
Reinstall raw-loader as devDependency for Storybook
0919cc8 
Storybook's webpack5 builder still needs raw-loader which was removed
during the rspack migration.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@kyle-ssg
Merge remote-tracking branch 'origin/refactor/remove-unused-dependenc…
7a36d00 
…ies' into fix/security-vulnerabilities

# Conflicts:
#	frontend/package-lock.json
#	frontend/package.json
@kyle-ssg @claude
Remove unused dependencies and fix security vulnerabilities
fa5892f 
Remove animejs, cors, fetchify, postcss-loader, rc-slider,
suppress-exit-code, ts-node, vega. Fix vite vulnerability
in @gram-ai/elements transitive dep.

0 vulnerabilities remaining.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@kyle-ssg
Merge remote-tracking branch 'origin/main' into fix/security-vulnerab…
a2004c4 
…ilities
@kyle-ssg
Merge remote-tracking branch 'origin/main' into feat/rspack
1be6185
@kyle-ssg
Merge branch 'feat/rspack' into fix/security-vulnerabilities
6d07c24
@kyle-ssg kyle-ssg requested a review from a team as a code owner April 8, 2026 14:48
@kyle-ssg kyle-ssg requested review from Zaimwa9 and removed request for a team April 8, 2026 14:48
claude[bot]
claude bot reviewed Apr 8, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Code review skipped — your organization's overage spend limit has been reached.

Code review is billed via overage credits. To resume reviews, an organization admin can raise the monthly limit at claude.ai/admin-settings/claude-code.

Once credits are available, reopen this pull request to trigger a review.

@github-actions github-actions bot added the front-end Issue related to the React Front End Dashboard label Apr 8, 2026
@kyle-ssg kyle-ssg changed the title Fix/security vulnerabilities fix: npm security vulnerabilities Apr 8, 2026
@vercel
Copy link
Copy Markdown

vercel bot commented Apr 8, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
flagsmith-frontend-preview Ready Ready Preview, Comment Apr 8, 2026 8:06pm
flagsmith-frontend-staging Ready Ready Preview, Comment Apr 8, 2026 8:06pm
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
docs Ignored Ignored Preview Apr 8, 2026 8:06pm

Request Review

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 8, 2026
edited
Loading

Docker builds report

Image Build Status Security report
ghcr.io/flagsmith/flagsmith-api-test:pr-7185 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-api:pr-7185 Finished ✅ Results
ghcr.io/flagsmith/flagsmith:pr-7185 Finished ✅ Results
ghcr.io/flagsmith/flagsmith-private-cloud:pr-7185 Finished ✅ Results
ghcr.io/flagsmith/flagsmith-e2e:pr-7185 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-frontend:pr-7185 Finished ✅ Results

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 8, 2026
edited
Loading

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  11 passed

Details

stats  11 tests across 8 suites
duration  56.4 seconds
commit  6d07c24
info  🔄 Run: #15888 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  29.1 seconds
commit  6d07c24
info  🔄 Run: #15888 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  56.1 seconds
commit  6d07c24
info  🔄 Run: #15888 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  11 passed

Details

stats  11 tests across 8 suites
duration  22.1 seconds
commit  6d07c24
info  🔄 Run: #15888 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  11 passed

Details

stats  11 tests across 8 suites
duration  52.5 seconds
commit  cde8fbd
info  🔄 Run: #15906 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  11 passed

Details

stats  11 tests across 8 suites
duration  11.2 seconds
commit  cde8fbd
info  🔄 Run: #15906 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  54.3 seconds
commit  cde8fbd
info  🔄 Run: #15906 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  1 minute, 3 seconds
commit  cde8fbd
info  🔄 Run: #15906 (attempt 1)

@kyle-ssg kyle-ssg mentioned this pull request Apr 8, 2026
Closed
@kyle-ssg kyle-ssg linked an issue Apr 8, 2026 that may be closed by this pull request
Review unused dependencies #7180
Open
Base automatically changed from feat/rspack to refactor/esm April 8, 2026 18:51
@kyle-ssg
Merge branch 'refactor/esm' into fix/security-vulnerabilities
cde8fbd 
# Conflicts:
#	frontend/package-lock.json
#	frontend/package.json
#	frontend/rspack/rspack.config.local.js
#	frontend/rspack/rspack.config.prod.js
@kyle-ssg kyle-ssg merged commit 65eb707 into refactor/esm Apr 8, 2026
7 of 10 checks passed
@kyle-ssg kyle-ssg deleted the fix/security-vulnerabilities branch April 8, 2026 20:05
@github-actions github-actions bot added the fix label Apr 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@talissoncosta talissoncosta talissoncosta approved these changes

@Zaimwa9 Zaimwa9 Awaiting requested review from Zaimwa9 Zaimwa9 was automatically assigned from Flagsmith/flagsmith-front-end

Assignees

No one assigned

Labels

fix front-end Issue related to the React Front End Dashboard

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Review unused dependencies

2 participants

@kyle-ssg @talissoncosta