search

equinor / videx-wellog

Well log components
https://equinor.github.io/videx-wellog/
MIT License
20 stars 7 forks source link

Fix dev dependencies vulnerabilities #236

Closed fbosquet-azpn closed 4 months ago

fbosquet-azpn commented 4 months ago

Fixing some vulnerabilities in dev dependencies

Before

npm install

up to date, audited 1111 packages in 3s

108 packages are looking for funding
  run `npm fund` for details

50 vulnerabilities (44 moderate, 5 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

After

npm install

added 52 packages, removed 201 packages, changed 228 packages, and audited 962 packages in 38s

125 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

npm run build, npm run test, npm run docs and npm run lint are still passing.

fbosquet-azpn commented 4 months ago

@GuillaumeVix @johannesleite Thanks for going to all the previous merge requests that I have marked as obsolete because of my previous work on storybook.

I have done the same thing, I have reviewed the remaining 28 active Pull request related to vulnerability and package upgrade. I have added a comment on all the one that can be closed (25 out of 28).