chore: Forced an update for babel packages for security vulnerability #2098
chore: Forced an update for babel packages for security vulnerability #2098colinmurphy merged 10 commits intocanaryfrom
Conversation
🦋 Changeset detectedLatest commit: ea43f15 The changes in this PR will be included in the next version bump. This PR includes changesets to release 4 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
@moonmeister @wpengine/headless-open-source Sorry tested again locally and still some issues so I need to fix these first. I will let you know once I fix these issues |
…//github.com/wpengine/faustjs into chore-update-babel-packages-for-dependencies
📦 Next.js Bundle Analysis for @faustwp/getting-started-exampleThis analysis was generated by the Next.js Bundle Analysis action. 🤖 🎉 Global Bundle Size Decreased
DetailsThe global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster. Any third party scripts you have added directly to your app using the If you want further insight into what is behind the changes, give @next/bundle-analyzer a try! |
Noting you need to run `npm install` after you run `npm npm-force-resolutions` to apply thopse changes to the lock file.
…rectly. Might be some legacy issue.
|
For anyone who needs to update those babel packages as a temporary fix.
"resolutions": {
"@babel/runtime": "7.27.0"
}
|
Tasks
Description
Currently a lot of packages in Faust have hard dependencies on babel/runtime 7.,25.7.
We need to update to min version 7.26.10 to fix a moderate security issue - GHSA-968p-4wvh-cqc8
Related Issue(s):
Testing
Screenshots
See screenshot from running
npm auditafter applying the resolutionDocumentation Changes
Dependant PRs