Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Dependencies to Resolve Deprecations, Conflicts, and Security Vulnerabilities #401

Open
julioest opened this issue Jan 29, 2025 · 0 comments
Open

Upgrade Dependencies to Resolve Deprecations, Conflicts, and Security Vulnerabilities #401

julioest opened this issue Jan 29, 2025 · 0 comments
Assignees
@julioest
Labels
Task

Comments

@julioest
Copy link
Collaborator

julioest commented Jan 29, 2025
edited
Loading

Overview

Our project is facing npm deprecation warnings, dependency conflicts, and security vulnerabilities. Resolving these issues is essential for maintaining stability, security, and long-term maintainability.

Issues Identified

Deprecation Warnings

Dependency Conflicts

Security Vulnerabilities

  • Summary:
    • Low: 5
    • Moderate: 61
    • High: 35
    • Critical: 1
  • Recommendations:
    • Run npm audit fix for non-breaking fixes.
    • Use npm audit fix --force with caution for breaking changes.
    • Manually resolve remaining issues.

Proposed Actions

Upgrade Deprecated Dependencies

Resolve Dependency Conflicts

  • Align @typescript-eslint/parser and eslint versions to avoid conflicts.
  • Address other dependency issues as identified.

Address Security Vulnerabilities

  • Apply automated fixes with npm audit fix.
  • Manually update or replace packages with unresolved vulnerabilities.
  • Test the application to ensure no regressions.

Acceptance Criteria

  • Deprecated packages are upgraded or replaced.
  • Conflicts are resolved with compatible dependencies.
  • Security vulnerabilities are significantly reduced.
  • The project builds and runs without warnings or issues.
  • All functionalities are tested and verified.
  • Documentation reflects updated dependencies and usage.

Additional Information

https://github.com/boostorg/website-v2-docs/actions/runs/13034378117/job/36361062783?pr=400#step:5:27
@julioest julioest self-assigned this Jan 29, 2025
@julioest julioest mentioned this issue Jan 29, 2025
Closed
@rbbeeston rbbeeston added the Task label Jan 30, 2025
@rbbeeston rbbeeston moved this to Accepted in website-v2 Jan 30, 2025
@julioest julioest moved this from Accepted to In Progress in website-v2 Jan 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@julioest julioest

Labels
Task
Projects
website-v2
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
2 participants
@julioest @rbbeeston