https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41587
--- Comment #9 from Paul Derscheid <[email protected]> --- Created attachment 194284 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194284&action=edit Bug 41587: (follow-up) Fix newly reported dependency vulnerabilities - Bump minimatch dependency and resolution from ^3.0.2 to ^3.1.4 (HIGH) - Bump lodash dependency and resolution from ^4.17.12 to ^4.17.23 (MODERATE) - Add resolution for fast-xml-parser ^4.5.4 (CRITICAL) - Add resolution for undici ^6.23.0 (MODERATE) - Add resolution for serialize-javascript ^7.0.3 (HIGH) Test plan: - yarn audit --level high should show 0 vulnerabilities - yarn build && yarn build:prod should complete without errors - yarn cypress run should complete without (or currently expected) errors @RM: You will need to push yarn.lock as well -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
