Skip to content

⬆️ Upgrade Node.js to v24, bump npm dependencies #1798

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

⬆️ Upgrade Node.js to v24, bump npm dependencies #1798

wants to merge 3 commits into from

Conversation

alexrockhill
Copy link
Contributor

There's a security vulnerability from an outdated package, this fixes it

full-stack-fastapi-template/frontend$ npm install

added 58 packages, removed 1 package, and audited 342 packages in 1s

49 packages are looking for funding
  run `npm fund` for details

42 high severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

After

$ npm install

up to date, audited 349 packages in 591ms

49 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

@alexrockhill
Copy link
Contributor Author

@tiangolo maybe this is worth a minute to merge since it's supposed to be a high security vulnerability if you have a minute, thanks!

YuriiMotov
YuriiMotov reviewed Sep 3, 2025
View reviewed changes
package-lock.json Outdated
Comment on lines 1 to 6
{
"name": "full-stack-fastapi-template",
"lockfileVersion": 3,
"requires": true,
"packages": {}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please explain why this file in the root directory is needed?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah sorry mistake!

@YuriiMotov YuriiMotov changed the title BUG: Fix security vulnerability ⬆️ Upgrade Node.js to v24, bump npm dependencies Sep 3, 2025
@github-actions github-actions bot added the conflicts Automatically generated when a PR has a merge conflict label Sep 7, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 7, 2025

This pull request has a merge conflict that needs to be resolved.

@alejsdev
Copy link
Member

alejsdev commented Sep 8, 2025

Hi @alexrockhill, thank you for your interest, but this has already been addressed in two other PRs. The warning should be gone by now! Given that, I'll close this PR. Thanks for your effort 🚀

@alejsdev alejsdev closed this Sep 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YuriiMotov YuriiMotov YuriiMotov left review comments

Assignees
No one assigned
Labels
conflicts Automatically generated when a PR has a merge conflict
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexrockhill @alejsdev @YuriiMotov