Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: upgrade vite to solve vulnerability #1700

Merged
merged 5 commits into from
Mar 24, 2025
Merged

fix: upgrade vite to solve vulnerability #1700

merged 5 commits into from
Mar 24, 2025
+74 −33

Conversation

wilsonrivera
Copy link
Contributor

@wilsonrivera wilsonrivera commented Mar 17, 2025
edited
Loading

Motivation and Context

I have upgraded the vite package by removing and reinstalling it in playground in order to solve a vulnerability caused by version <= 5.4.11

This was achieved with the following commands:

cd playground
pnpm remove vite
pnpm add --save-dev vite@^5.4.14

Checklist

  • I have discussed my proposed changes in an issue and have received approval to proceed.
  • I have followed the coding standards of the project.
  • Tests or benchmarks have been added or updated.
  • Documentation has been updated on https://github.com/wundergraph/cosmo-docs.
  • I have read the Contributors Guide.

@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 17, 2025
edited
Loading

Router image scan passed

✅ No security vulnerabilities found in image:

ghcr.io/wundergraph/cosmo/router:sha-34e00e709640e5eb9404a1392b311294cb565a14

@StarpTech StarpTech enabled auto-merge (squash) March 17, 2025 23:52
@StarpTech StarpTech disabled auto-merge March 17, 2025 23:52
StarpTech
StarpTech approved these changes Mar 24, 2025
View reviewed changes
Copy link
Contributor

@StarpTech StarpTech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@wilsonrivera wilsonrivera merged commit a8bb8e5 into main Mar 24, 2025
13 checks passed
@wilsonrivera wilsonrivera deleted the wilson/eng-6720-upgrade-vite branch March 24, 2025 18:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@StarpTech StarpTech StarpTech approved these changes

Assignees
No one assigned
Labels
monorepo router
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wilsonrivera @StarpTech