search

makerdao / governance-portal-v2

Governance Portal V2
https://vote.makerdao.com/
GNU Affero General Public License v3.0
47 stars 49 forks source link

Bump next, react versions #886

Closed adamgoth closed 5 months ago

adamgoth commented 5 months ago

Addresses issue: https://github.com/makerdao/governance-portal-v2/security/dependabot/86

Upgrade guide: https://nextjs.org/docs/app/building-your-application/upgrading/version-14

vercel[bot] commented 5 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
governance-portal-v2 ✅ Ready (Inspect) Visit Preview May 14, 2024 7:31am
socket-security[bot] commented 5 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@coinbase/wallet-sdk@3.6.6 environment Transitive: network +12 20 MB jungho.bang
npm/@dethcrypto/eth-sdk-client@0.1.6 None 0 3.17 kB ethereum-ts-bot
npm/@dethcrypto/eth-sdk@0.3.4 Transitive: environment, filesystem, network, shell +22 2.48 MB ethereum-ts-bot
npm/@emotion/react@11.11.4 environment +6 779 kB emotion-release-bot
npm/@ensdomains/ens-avatar@0.1.8 environment, eval, network +7 1.93 MB mdt.
npm/@ethersproject/experimental@5.7.0 None +1 320 kB ricmoo
npm/@graphql-codegen/cli@2.16.5 environment, filesystem, network, shell, unsafe +1 231 kB dotansimha
npm/@graphql-codegen/introspection@2.2.3 None 0 7.26 kB dotansimha
npm/@graphql-codegen/typescript-operations@2.5.13 None 0 42.4 kB dotansimha
npm/@graphql-codegen/typescript-react-apollo@3.3.7 None 0 66.3 kB dotansimha
npm/@graphql-codegen/typescript@2.8.8 None 0 88.6 kB dotansimha
npm/@graphql-codegen/urql-introspection@2.2.1 None 0 11.5 kB dotansimha
npm/@makerdao-dux/gnosis-safe@8.0.6-beta.1 None 0 7.92 kB adamgoth
npm/@makerdao/dai-ui-icons-branding@0.0.39 Transitive: environment +1 597 kB b-pmcg
npm/@makerdao/dai-ui-icons@0.0.39 None 0 90.6 kB b-pmcg
npm/@makerdao/i18n-helper@0.1.8 None 0 27.5 kB sirromdev
npm/@metamask/post-message-stream@7.0.0 None 0 75.9 kB gudahtt
npm/@metamask/providers@14.0.2 None +1 225 kB metamaskbot
npm/@octokit/core@4.2.1 None +1 80.7 kB octokitbot
npm/@protobufjs/aspromise@1.1.2 None 0 9.05 kB dcode
npm/@reach/dialog@0.16.2 environment 0 46.6 kB chancestrickland
npm/@reach/listbox@0.18.0 environment +1 525 kB chancestrickland
npm/@reach/menu-button@0.16.2 environment 0 50.8 kB chancestrickland
npm/@reach/tabs@0.10.5 environment 0 146 kB mjackson
npm/@reach/tooltip@0.16.2 environment 0 74.3 kB chancestrickland
npm/@testing-library/dom@8.20.0 environment 0 2.92 MB testing-library-bot
npm/@testing-library/jest-dom@5.16.5 None +6 221 kB testing-library-bot
npm/@testing-library/react@11.2.7 environment 0 5.57 MB testing-library-bot
npm/@testing-library/user-event@13.5.0 None 0 165 kB testing-library-bot
npm/@theme-ui/color@0.14.7 environment 0 33.3 kB hasparus
npm/@theme-ui/css@0.12.1 environment 0 153 kB hasparus
npm/@theme-ui/match-media@0.12.1 environment 0 19.4 kB hasparus
npm/@typechain/ethers-v5@10.2.1 filesystem +1 156 kB ethereum-ts-bot
npm/@types/jest@29.5.1 None 0 79.2 kB types
npm/@types/lodash@4.14.194 None 0 863 kB types
npm/@types/prettier@2.7.2 None 0 49.5 kB types
npm/@types/react@18.2.6 None +1 367 kB types
npm/@types/testing-library__jest-dom@5.14.5 None 0 30.6 kB types
npm/@typescript-eslint/eslint-plugin@5.59.7 None +1 2.42 MB jameshenry
npm/@typescript-eslint/parser@5.59.7 None 0 18.6 kB jameshenry
npm/@vercel/analytics@0.1.11 None 0 43 kB vercel-release-bot
npm/@web3-react/coinbase-wallet@8.2.0 None 0 13.7 kB grabbou
npm/@web3-react/core@8.2.0 None 0 31.5 kB grabbou
npm/@web3-react/eip1193@8.2.0 None 0 4.75 kB grabbou
npm/@web3-react/metamask@8.2.1 None 0 49 kB grabbou
npm/@web3-react/network@8.2.0 None 0 10.8 kB grabbou
npm/@web3-react/types@8.2.0 None 0 5.61 kB grabbou
npm/@web3-react/walletconnect-v2@8.3.5 None 0 53.7 kB zzmp
npm/array.prototype.flat@1.3.2 None 0 18.7 kB ljharb
npm/array.prototype.flatmap@1.3.2 None 0 19.1 kB ljharb
npm/available-typed-arrays@1.0.7 None +1 31.3 kB ljharb
npm/babel-plugin-superjson-next@0.3.1 None 0 30.6 kB skn0tt
npm/bignumber.js@9.1.1 None 0 350 kB mikemcl
npm/chalk@4.1.2 None +3 73.3 kB sindresorhus
npm/cross-spawn@7.0.3 environment, filesystem, shell +4 47.5 kB satazor
npm/d3-hierarchy@3.1.2 None 0 136 kB mbostock
npm/d3-selection@3.0.0 None 0 135 kB mbostock
npm/date-fns-tz@1.3.8 None 0 211 kB marnusw
npm/date-fns@2.30.0 None 0 6.69 MB kossnocorp
npm/debug@4.3.4 environment 0 42.4 kB qix
npm/defender-relay-client@1.44.0 environment Transitive: network +1 612 kB collins-oz
npm/define-data-property@1.1.4 None +1 38.6 kB ljharb
npm/define-properties@1.2.1 None +1 39.4 kB ljharb
npm/dequal@2.0.3 None 0 14.2 kB lukeed
npm/err-code@3.0.1 None 0 7.76 kB achingbrain
npm/es-errors@1.3.0 None 0 12.3 kB ljharb
npm/es-shim-unscopables@1.0.2 None 0 11 kB ljharb
npm/escalade@3.1.2 filesystem 0 11.6 kB lukeed
npm/eslint-config-next@14.2.3 unsafe +1 245 kB vercel-release-bot
npm/eslint-plugin-jest-dom@4.0.3 Transitive: filesystem +1 86 kB benmonro
npm/eslint-plugin-prettier@4.2.1 None 0 58.3 kB jounqin
npm/eslint-plugin-react@7.32.2 filesystem +1 840 kB ljharb
npm/eslint-plugin-testing-library@5.11.0 filesystem 0 249 kB testing-library-bot
npm/eslint@8.41.0 environment, filesystem Transitive: unsafe +16 5.34 MB eslintbot
npm/eth-rpc-errors@4.0.2 None +1 91.3 kB rekmarks
npm/function.prototype.name@1.1.6 None 0 25.5 kB ljharb
npm/glob@8.1.0 filesystem Transitive: environment +3 76.3 kB isaacs
npm/graphql-request@4.3.0 network 0 165 kB jasonkuhrt
npm/graphql@16.8.1 None 0 1.34 MB i1g
npm/gray-matter@4.0.3 eval, filesystem +1 330 kB rmassaioli
npm/has-bigints@1.0.2 None 0 12.8 kB ljharb
npm/has-tostringtag@1.0.2 None 0 17.6 kB ljharb
npm/husky@6.0.0 filesystem, shell 0 6.1 kB typicode
npm/internal-slot@1.0.7 None 0 20.5 kB ljharb
npm/ipfs-only-hash@4.0.0 None 0 6.32 kB alanshaw
npm/is-core-module@2.13.1 None 0 30.2 kB ljharb
npm/is-negative-zero@2.0.3 None 0 27.1 kB ljharb
npm/it-batch@1.0.9 None 0 4.72 kB achingbrain
npm/jest-canvas-mock@2.5.1 None 0 112 kB atool
npm/jest-environment-jsdom@29.5.0 None 0 8.98 kB simenb
npm/jest@29.5.0 None 0 5.01 kB simenb
npm/json-rpc-engine@6.1.0 None 0 47.4 kB rekmarks
npm/lottie-web@5.11.0 network 0 14.9 MB airnan
npm/mongodb@3.7.3 environment, filesystem, network +1 1.39 MB nbbeeken
npm/next-swagger-doc@0.1.12 environment +1 32.4 kB jellydn
npm/next@14.2.3 environment, filesystem, network, shell, unsafe +1 86.2 MB vercel-release-bot
npm/nextjs-progressbar@0.0.13 None 0 11.3 kB apal21
npm/node-fetch@3.3.1 network 0 107 kB node-fetch-bot
npm/node-mocks-http@1.12.2 environment, network Transitive: eval, filesystem +7 194 kB eugef
npm/nyc@15.1.0 environment, filesystem, unsafe +13 494 kB coreyfarrell
npm/object-inspect@1.13.1 None 0 97.2 kB ljharb
npm/object.hasown@1.1.4 None +1 25.6 kB ljharb
npm/qs@6.11.2 None 0 241 kB ljharb
npm/react-device-detect@2.2.3 None 0 49.6 kB duskload
npm/react-dom@18.3.1 environment +1 4.61 MB react-bot
npm/react-intersection-observer@9.4.3 None 0 215 kB thebuilder
npm/react-loading-skeleton@2.2.0 environment 0 23.9 kB dvtng
npm/react-qr-svg@2.4.0 None +1 42.5 kB no23reason
npm/react-sticky@6.0.3 None 0 221 kB dbarbalato
npm/react-toastify@8.2.0 environment 0 440 kB sniphpet
npm/react@18.3.1 environment 0 318 kB react-bot
npm/recharts@2.9.0 environment 0 4.62 MB ckifer
npm/rehype-sanitize@5.0.1 None 0 20.7 kB wooorm
npm/rehype-stringify@9.0.3 None 0 17.2 kB wooorm
npm/remark-gfm@3.0.1 None 0 17 kB wooorm
npm/remark-html@15.0.2 None 0 14.6 kB wooorm
npm/remark-parse@10.0.2 None 0 16.8 kB wooorm
npm/remark-rehype@10.1.0 None 0 28 kB wooorm
npm/rimraf@3.0.2 filesystem Transitive: environment +4 41.1 kB isaacs
npm/start-server-and-test@1.15.5 environment Transitive: eval, unsafe +3 747 kB bahmutov
npm/superjson@1.12.3 None 0 233 kB skn0tt
npm/swagger-ui-react@4.18.3 eval +2 2.84 MB swagger-api
npm/swr@1.3.0 None 0 231 kB quietshu
npm/theme-ui@0.12.1 environment 0 70.8 kB hasparus
npm/ts-api-utils@1.3.0 None 0 828 kB joshuakgoldberg
npm/ts-node@10.9.1 environment, filesystem, unsafe +4 1.11 MB cspotcode
npm/typechain@8.1.1 filesystem Transitive: environment +10 1.1 MB ethereum-ts-bot
npm/typescript@4.9.5 None 0 66.8 MB typescript-bot
npm/unified@10.1.2 None +2 113 kB wooorm
npm/update-browserslist-db@1.0.15 environment +1 20 kB ai
npm/wait-for-expect@3.0.2 None 0 32.2 kB lgandecki
npm/zustand@2.2.4 None 0 25.5 kB drcmda
npm/zwitch@2.0.4 None 0 13.8 kB wooorm

🚮 Removed packages: npm/@babel/helper-compilation-targets@7.23.6, npm/@ethereumjs/tx@4.2.0, npm/@ethersproject/abstract-signer@5.7.0, npm/@ethersproject/address@5.7.0, npm/@ethersproject/base64@5.7.0, npm/@ethersproject/basex@5.7.0, npm/@ethersproject/bytes@5.7.0, npm/@ethersproject/constants@5.7.0, npm/@ethersproject/hash@5.7.0, npm/@ethersproject/hdnode@5.7.0, npm/@ethersproject/keccak256@5.7.0, npm/@ethersproject/networks@5.7.1, npm/@ethersproject/pbkdf2@5.7.0, npm/@ethersproject/properties@5.7.0, npm/@ethersproject/random@5.7.0, npm/@ethersproject/rlp@5.7.0, npm/@ethersproject/sha2@5.7.0, npm/@ethersproject/signing-key@5.7.0, npm/@ethersproject/strings@5.7.0, npm/@ethersproject/transactions@5.7.0, npm/@ethersproject/web@5.7.1, npm/@ethersproject/wordlists@5.7.0, npm/@stablelib/random@1.0.2, npm/@walletconnect/jsonrpc-types@1.0.3, npm/@walletconnect/jsonrpc-utils@1.0.8, npm/acorn-walk@8.2.0, npm/ansi-escapes@4.3.2, npm/argparse@1.0.10, npm/array-includes@3.1.6, npm/end-of-stream@1.4.4, npm/eslint-import-resolver-node@0.3.7, npm/eslint-visitor-keys@3.4.1, npm/hash.js@1.1.7, npm/import-fresh@3.3.0, npm/internal-slot@1.0.5, npm/invariant@2.2.4, npm/is-arguments@1.1.1, npm/is-array-buffer@3.0.2, npm/is-map@2.0.2, npm/is-set@2.0.2, npm/is-wsl@2.2.0, npm/isomorphic-ws@5.0.0, npm/istanbul-lib-instrument@5.2.1, npm/json-rpc-random-id@1.0.1, npm/lodash.isequal@4.5.0, npm/make-dir@3.1.0, npm/mime-types@2.1.35, npm/mkdirp-classic@0.5.3, npm/node-gyp-build@4.6.0, npm/object-is@1.1.5, npm/object.assign@4.1.4, npm/p-limit@3.1.0, npm/parse-json@5.2.0, npm/react-dom@18.2.0, npm/react@18.2.0, npm/readable-stream@3.6.2, npm/redis-errors@1.2.0, npm/strip-ansi@6.0.1, npm/uint8arrays@3.1.1, npm/use-sync-external-store@1.2.0, npm/word-wrap@1.2.4, npm/ws@7.4.6

View full report↗︎

socket-security[bot] commented 5 months ago

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSource
Telemetry npm/next@14.2.3
  • Note: Can be disabled by setting the environment variable NEXT_TELEMETRY_DISABLED=1 . See https://nextjs.org/telemetry for more information

View full report↗︎

Next steps

What is telemetry?

This package contains telemetry which tracks how it is used.

Most telemetry comes with settings to disable it. Consider disabling telemetry if you do not want to be tracked.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/next@14.2.3