New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(*): Update dependencies to resolve security alerts #2983
Conversation
馃 Changeset detectedLatest commit: 4489e88 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
a0a82cb
to
0e64341
Compare
769f6d0
to
6446c22
Compare
I had some issues with "List node_modules" of our GH action when updating the Example run: https://github.com/clerk/javascript/actions/runs/8264832463/job/22609252010?pr=2983 |
I changed the
|
b3e2bd3
to
dd550c0
Compare
dd550c0
to
ca4ef70
Compare
ca4ef70
to
fe4c895
Compare
Resolved alerts: - follow-redirects https://github.com/clerk/javascript/security/dependabot/233 - nextjs https://github.com/clerk/javascript/security/dependabot/234 - graphql https://github.com/clerk/javascript/security/dependabot/207
fe4c895
to
f7b8416
Compare
"typescript": "*" | ||
}, | ||
"peerDependencies": { | ||
"next": "^13.0.4 || ^14.0.3", | ||
"next": "^13.5.4 || ^14.0.3", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this a "breaking" change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nikosdouvlis yes, kind of.
if this is for the changeset entry, i guess it's better to change it to major
. Since we are in a pre-release tag, it's okay.
I think that customers who want to Clerk with NextJS in production would probably have a newer @13 version with all the security updates.
Wdyt?
6cf840e
to
7b7cbfb
Compare
Error: Cannot find module @rollup/rollup-linux-x64-gnu. npm has a bug related to optional dependencies (npm/cli#4828). Please try `npm i` again after removing both package-lock.json and node_modules directory.
7b7cbfb
to
4489e88
Compare
Description
Investigate and fix dependabot security alerts and results from
npm audit
.Checklist
npm test
runs as expected.npm run build
runs as expected.Type of change