Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Upgrade Front-end Dependencies #3187
Upgrades a number of dependencies to resolve security issues. Nunjucks has not been upgraded and is relegated to #3140.
mmcfarland left a comment •
I upgraded FF in 88e91e7 in order to get the app VM to provision. Once I did that, tests pass. However, I do see one low security issue outside of Nunjucks:
App and build tools continue to function correctly.
$ kj yarn why clean-css yarn why v1.19.1 [1/4] Why do we have the module "clean-css"...? [2/4] Initialising dependency graph... [3/4] Finding dependency... [4/4] Calculating file sizes... => Found "firstname.lastname@example.org" info Has been hoisted to "clean-css" info This module exists because it's specified in "dependencies". info Disk size without dependencies: "119.23MB" info Disk size with unique dependencies: "138.27MB" info Disk size with transitive dependencies: "138.27MB" info Number of shared dependencies: 1 => Found "email@example.com" info This module exists because "jstify#html-minifier" depends on it. info Disk size without dependencies: "71.22MB" info Disk size with unique dependencies: "96.27MB" info Disk size with transitive dependencies: "96.27MB" info Number of shared dependencies: 2 Done in 1.07s.
I think we should mark it same as Nunjucks.