frictionlessdata.io icon indicating copy to clipboard operation
frictionlessdata.io copied to clipboard
verified publisher icon frictionlessdata

Upgrade website dependencies for better security

Open roll opened this issue 3 years ago • 3 comments

Overview

There is a few issues - https://github.com/frictionlessdata/website/security/dependabot

roll avatar Apr 12 '22 06:04 roll

I did update most of what was possible, but the biggest problem now (the high level security issue) is that the security packages are dependencies from Vuepress. I did update Vuepress to the latest 1 major version, but looks like they fixed it only on Vuepress 2. The migration to Vuepress is not straightforward, specially because the plugin from vuepress 1 are not compatible and we are using 6 plugins.

aivuk avatar Apr 12 '22 12:04 aivuk

Thanks @aivuk!

I'll move it to the backlog

roll avatar Apr 12 '22 12:04 roll