Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
73ee6e9ba7
PromucFlow_constructor/app/client/packages/design-system/widgets/package.json
Victor Kostyuk e394b7f21b
fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 
## Description
This PR enforces lodash version 4.17.21 or above, mitigating the
**Critical severity** vulnerability
[CVE-2019-10744](https://github.com/advisories/GHSA-jf85-cpcp-j695).

## Automation

/ok-to-test tags="@tag.Sanity"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!CAUTION]  
> If you modify the content in this section, you are likely to disrupt
the CI result for your PR.

<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated the version constraints for the lodash library across multiple
packages. This ensures a minimum version of 4.17.21 while allowing a
broader range of updates, including potential major releases.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-03-11 14:33:25 +03:00

71 lines
2.3 KiB
JSON
Raw Blame History

{
"name": "@appsmith/wds",
"version": "1.0.0",
"main": "src/index.ts",
"author": "Valera Melnikov <valera@appsmith.com>, Pawan Kumar <pawan@appsmith.com>",
"license": "MIT",
"type": "module",
"files": [
"build"
],
"scripts": {
"lint": "yarn g:lint",
"prettier": "yarn g:prettier",
"test:unit": "yarn g:jest",
"build:icons": "npx tsx ./src/scripts/build-icons.ts",
"build:package": "rm -rf build && rollup -c rollup.config.js"
},
"dependencies": {
"@appsmith/wds-headless": "workspace:^",
"@appsmith/wds-theming": "workspace:^",
"@emotion/css": "^11.11.2",
"@floating-ui/react": "^0.26.24",
"@react-aria/focus": "^3.18.2",
"@react-aria/utils": "^3.16.0",
"@react-aria/visually-hidden": "^3.8.0",
"@react-spectrum/utils": "^3.11.10",
"@react-stately/collections": "^3.10.9",
"@react-stately/list": "^3.10.8",
"@react-types/actiongroup": "^3.4.6",
"@react-types/shared": "^3.23.1",
"@tabler/icons-react": "^3.10.0",
"clsx": "^2.0.0",
"lodash": ">=4.17.21",
"react-aria-components": "^1.6.0",
"react-markdown": "^9.0.1",
"react-syntax-highlighter": "^15.5.0",
"react-transition-group": "^4.4.5",
"remark-gfm": "^4.0.0",
"usehooks-ts": "*"
},
"devDependencies": {
"@babel/core": "^7.26.9",
"@babel/helper-compilation-targets": "^7.26.5",
"@babel/preset-env": "^7.26.9",
"@babel/preset-react": "^7.26.3",
"@babel/preset-typescript": "^7.26.0",
"@babel/runtime": "^7.26.9",
"@rollup/plugin-babel": "^6.0.4",
"@rollup/plugin-commonjs": "^28.0.2",
"@rollup/plugin-image": "^3.0.3",
"@rollup/plugin-node-resolve": "^16.0.0",
"@rollup/plugin-replace": "^6.0.2",
"@rollup/plugin-terser": "^0.4.4",
"@rollup/plugin-typescript": "^12.1.2",
"@rollup/plugin-url": "^8.0.2",
"@types/fs-extra": "^11.0.4",
"@types/react-syntax-highlighter": "^15.5.13",
"@types/react-transition-group": "^4.4.12",
"browserslist": "^4.24.4",
"eslint-plugin-storybook": "^0.11.3",
"postcss-import": "^16.1.0",
"rollup": "^4.34.8",
"rollup-plugin-copy": "^3.5.0",
"rollup-plugin-postcss": "^4.0.2"
},
"peerDependencies": {
"react": "^16.8.0 || ^17.0.0-rc.1 || ^18.0.0",
"react-dom": "^16.8.0 || ^17.0.0-rc.1 || ^18.0.0"
}
}
Reference in New Issue View Git Blame Copy Permalink