dashboard
dashboard copied to clipboard
karmada-io
Update dependencies version
What would you like to be added: We need to update the dependencies version due to security concerns:
Dependencies in ui/apps/dashboard/pnpm-lock.yaml:
- [ ] Upgrade
cross-spawnto version 7.0.5 or later. - [ ] Upgrade
nanoidto version 3.3.8 or later. - [ ] Upgrade
rollupto version 4.22.4 or later. - [ ] Upgrade
axiosto version 1.7.4 or later. - [ ] Upgrade
viteto version 5.3.6 or later. - [ ] Upgrade
micromatchto version 4.0.8 or later.
Dependencies in go.mod
- [x] Upgrade github.com/golang-jwt/jwt/v4 to version 4.5.1 or later. (@RainbowMango, #158)
- [x] Upgrade golang.org/x/crypto to version 0.31.0 or later. (@adwait-godbole, #185)
- [x] Upgrade golang.org/x/net to version 0.33.0 or later. (@adwait-godbole, #185)
Why is this needed:
- cross-spawn is introduced by tsup, submited PR but no response: https://github.com/egoist/tsup/pull/1275
- axios and vite are outdated:
-
axios:
-
vite:
-