uswds / web-components

Work on the next version of USWDS will happen here

https://federalist-c7964e49-2db7-4585-85f1-49d23b9329cb.sites.pages.cloud.gov/site/uswds/uswds-next/

28 stars 5 forks source link

Web-Components - POAM: October '24 #78

Closed mahoneycm closed 1 month ago

mahoneycm commented 1 month ago

Summary

POAM dependency updates for October 2024.

Related issues

USWDS-Team - POAM: October 2024 Resolves https://github.com/uswds/web-components/security/dependabot/12 Resolves https://github.com/uswds/web-components/security/dependabot/11 Resolves https://github.com/uswds/web-components/security/dependabot/14 Resolves https://github.com/uswds/web-components/security/dependabot/13 Resolves https://github.com/uswds/web-components/security/dependabot/10 Resolves https://github.com/uswds/web-components/security/dependabot/9 Resolves https://github.com/uswds/web-components/security/dependabot/7

Vulnerabilities

Before updates

8 vulnerabilities (1 low, 3 moderate, 4 high)

After updates

found 0 vulnerabilities

Dependency updates

Dependency Name	Old Version	New Version
@rollup/rollup-linux-x64-gnu	^4.21.2	^4.24.0
@storybook/addon-a11y	^8.2.9	^8.3.5
@storybook/addon-docs	^8.2.9	^8.3.5
@storybook/addon-essentials	^8.2.9	^8.3.5
@storybook/addon-links	^8.2.9	^8.3.5
@storybook/blocks	^8.2.9	^8.3.5
@storybook/manager-api	^8.2.9	^8.3.5
@storybook/test	^8.2.9	^8.3.5
@storybook/theming	^8.2.9	^8.3.5
@storybook/web-components	^8.2.9	^8.3.5
@storybook/web-components-vite	^8.2.9	^8.3.5
@uswds/uswds	^3.8.2	^3.9.0
axe-playwright	^2.0.2	^2.0.3
eslint	^9.10.0	^9.12.0
lit	^3.2.0	^3.2.1
sass	^1.78.0	^1.79.4
storybook	^8.2.9	^8.3.5
vite	^5.4.3	^5.4.8

Testing instructions

Run npm run start
Confirm there are no build errors
Confirm there are no visual regressions
Run prettier, and test scripts and confirm there are no issues.