-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EREGCSC-1015 Resolve dependabot alerts #287
Conversation
All However, once you go into Here is a GitHub issue where other people are having very similar issues: Which then links to an issue with create-react-app (that has a bunch of duplicate issues listed): facebook/create-react-app#11641 Suffice to say, it's a current and ongoing issue. However, Dan Abramov (of React/Redux/CreateReactApp renown) has a few things to say about the results of https://overreacted.io/npm-audit-broken-by-design/ Namely: these are build tool vulnerabilities and are of little consequence.
The resolution proposed by Dan Abramov is to move all build tool packages into
And that should return zero vulnerabilities. In our case, this meant migrating storybook to use Webpack5. Once finished, Storybook runs as expected, and running |
"babel-loader": "^8.2.2", | ||
"eslint": "^8.3.0", | ||
"eslint-config-airbnb-base": "^15.0.0", | ||
"eslint-config-prettier": "^8.3.0", | ||
"eslint-plugin-import": "^2.25.3", | ||
"eslint-plugin-vue": "^8.1.1", | ||
"prettier": "2.2.1" | ||
"prettier": "2.2.1", | ||
"webpack": "^5.65.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
moving Storybook to latest version and migrating to webpack 5
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!. Thanks for doing the research into this.
No description provided.