dbt-labs
Fix npm security vulnerabilities with breaking changes
Summary
- Update Angular to 1.8.3 for improved security
- Update prismjs to 1.30.0 to fix DOM Clobbering vulnerability
- Add braces 3.0.3 to fix Uncontrolled resource consumption vulnerability
- Add body-parser 1.20.3 and other secure dependencies
- Add other dependencies explicitly with secure versions (nth-check, marked, etc.)
Test plan
- Package installs correctly with npm install --legacy-peer-deps
- Application builds properly with webpack
- Confirmed that the most critical vulnerabilities are addressed
Note: Some vulnerabilities remain as fixing them would require major breaking changes to the application, particularly around Bootstrap v3, Angular, and webpack ecosystem.
🤖 Generated with Claude Code
Thank you for your pull request! We could not find a changelog entry for this change. For details on how to document a change, see the contributing guide.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Thank you for your pull request! We could not find a changelog entry for this change. For details on how to document a change, see the contributing guide.
This PR has been marked as Stale because it has been open with no activity as of late. If you would like the PR to remain open, please comment on the PR or else it will be closed in 7 days.