Skip to content

Chore/fix vulnerabilities#4155

Open
dquadrantdev wants to merge 6 commits intoIntersectMBO:developfrom
cardanoapi:chore/fix-vulnerabilities
Open

Chore/fix vulnerabilities#4155
dquadrantdev wants to merge 6 commits intoIntersectMBO:developfrom
cardanoapi:chore/fix-vulnerabilities

Conversation

@dquadrantdev
Copy link
Copy Markdown

@dquadrantdev dquadrantdev commented Apr 16, 2026
edited
Loading

List of changes

Fix in dependencies versions across the board.

  • Changed gov-action-loader/frontend/package.json,
    govtool/analytics-dashboard/package.json,
    govtool/frontend/package.json,
    govtool/metadata-validation/package.json,
    tests/govtool-backend/requirements.txt,
    tests/govtool-frontend/playwright/package.json,
    tests/test-metadata-api/package.json

Checklist

  • related issue
  • My changes generate no new warnings
  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the changelog
  • I have added tests that prove my fix is effective or that my feature works

mesudip and others added 6 commits April 8, 2026 12:09
@mesudip
Fix vulnerabilities: upgrades dependencies across the board
01d4ec2 
next 14 -> 16, next-intl 3 -> 4, @sentry/nextjs updated
Nest stack moved to 11.x, axios updated
jsonld upgraded to 9.x where applicable
@playwright/test/playwright upgraded in playwright workspace
Yarn workspaces upgraded aggressively (vite 8, vue 3.5, express 5, uuid 13, etc.)
Added targeted overrides in frontend/metadata-validation to clear additional transitive highs where fixable
@kushal2060
fix:requests
7916c32
@kushal2060
fix: @tootallnate/once
a225bff
@kushal2060
fix:@tootallnate/once@govtool/analytics
88f51b6
@kusssal
fix:axios version
bfbf291
@dquadrantdev
upgrade dependencies
b60ad67
@dquadrantdev
Copy link
Copy Markdown
Author

dquadrantdev commented Apr 16, 2026
edited
Loading

Other vulnerabilities will be solved after the new npm package for pdf ui is updated.IntersectMBO/govtool-proposal-pillar#339

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Ryun1 Ryun1 Awaiting requested review from Ryun1 Ryun1 is a code owner

@aaboyle878 aaboyle878 Awaiting requested review from aaboyle878 aaboyle878 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@dquadrantdev @mesudip @kushal2060 @kusssal