chatGPTBox
chatGPTBox copied to clipboard
josStorer
Update dependencies to address security vulnerabilities
Run npm audit fix to resolve multiple security issues:
- webpack 5.92.1 to 5.97.1 - mitigated XSS risk (https://github.com/advisories/GHSA-4vvj-4cpr-p986)
- elliptic 6.5.7 to 6.6.1 - fixed ECDSA validation (https://github.com/advisories/GHSA-fc9h-whq2-v747)
- katex 0.16.11 to 0.16.21 - patched HTML validation (https://github.com/advisories/GHSA-cg87-wmx4-v546)
- nanoid 3.3.7 to 3.3.8 - fixed predictable IDs (https://github.com/advisories/GHSA-mwcw-c2x4-8c55)
- cross-spawn 7.0.3 to 7.0.6 - partial ReDoS fix (https://github.com/advisories/GHSA-3xgq-45jj-v275)
Related dependency updates:
- @types/estree 1.0.5 to 1.0.6
- @webassemblyjs/ast and related packages 1.12.1 to 1.14.1
- browserslist 4.23.1 to 4.24.4
Reduces vulnerabilities from 7 (1 low, 3 moderate, 3 high) to 3 (high).
The remaining vulnerabilities require major version upgrades or involve manually breaking change handling to fully resolve the issues.
By the way, I manually built and tested the basic functionality of the Firefox version, and at least within the range of features I commonly use, everything works fine with no breaking chances.
Qodo Merge was enabled for this repository. To continue using it, please link your Git account with your Qodo account here.
PR Code Suggestions ✨
No code suggestions found for the PR.
![qodo-code-review[bot] avatar](https://avatars.githubusercontent.com/in/484649?v=4 "Published by a pub.dev verified publisher"){kind=small}