ui
ui copied to clipboard
Talend
fix(security): glob-parent
What is the problem this PR is trying to solve?
glob-parent fall into a security issue:
Affected versions < 5.1.2
We have it because of storybook and i18next-scanner
$ yarn why glob-parent
yarn why v1.22.19
[1/4] Why do we have the module "glob-parent"...?
[2/4] Initialising dependency graph...
[3/4] Finding dependency...
[4/4] Calculating file sizes...
=> Found "[email protected]"
- Hoisted from "_project_#fast-glob#glob-parent"
- Hoisted from "_project_#eslint#glob-parent"
- Hoisted from "_project_#chokidar#glob-parent"
- Hoisted from "_project_#@talend#eslint-plugin#mocha#chokidar#glob-parent"
=> Found "copy-webpack-plugin#[email protected]"
"_project_#@talend#icons#copy-webpack-plugin" depends on it.
=> Found "glob-stream#[email protected]"
"_project_#i18next-scanner#vinyl-fs#glob-stream" depends on it.
=> Found "cpy#[email protected]"
- "_project_#@talend#design-system#@storybook#react#@storybook#core#@storybook#core-server#cpy#globby#fast-glob" depends on it
- Hoisted from "_project_#@talend#design-system#@storybook#react#@storybook#core#@storybook#core-server#cpy#globby#fast-glob#glob-parent"
What is the chosen solution to this problem?
add the following to resolution
"**/vinyl-fs/glob-parent": "^5.1.2",
"**/fast-glob/glob-parent": "^5.1.2"
vinyl-fs is .... bower package which is dead, i18next-scanner still depend on it on master. we should find alternative or contribute to it,
- the command extract-i18n works :heavy_check_mark:
- storybook markdown (look at demo) :heavy_check_mark:
Please check if the PR fulfills these requirements
- [ ] The PR have used
yarn changesetto a request a release from the CI if wanted. - [ ] The PR commit message follows our guidelines
- [ ] Tests for the changes have been added (for bug fixes / features) And non reg done before need review
- [ ] Docs have been added / updated (for bug fixes / features)
- [ ] Related design / discussions / pages (not in jira), if any, are all linked or available in the PR
[ ] This PR introduces a breaking change
Size Change: +28 B (0%)
Total Size: 12.2 MB
ℹ️ View Unchanged
| Filename | Size | Change | |
|---|---|---|---|
./packages/assets-api/dist/TalendAssetsApi.js |
7.25 kB | 0 B | |
./packages/assets-api/dist/TalendAssetsApi.js.dependencies.json |
2 B | 0 B | |
./packages/assets-api/dist/TalendAssetsApi.min.js |
3.34 kB | 0 B | |
./packages/assets-api/dist/TalendAssetsApi.min.js.dependencies.json |
2 B | 0 B | |
./packages/cmf-cqrs/dist/TalendReactCmfCqrs.js |
39.7 kB | 0 B | |
./packages/cmf-cqrs/dist/TalendReactCmfCqrs.js.dependencies.json |
604 B | 0 B | |
./packages/cmf-cqrs/dist/TalendReactCmfCqrs.min.js |
6.94 kB | 0 B | |
./packages/cmf-cqrs/dist/TalendReactCmfCqrs.min.js.dependencies.json |
623 B | 0 B | |
./packages/cmf-router/dist/TalendReactCmfRouter.js |
121 kB | 0 B | |
./packages/cmf-router/dist/TalendReactCmfRouter.js.dependencies.json |
1.27 kB | 0 B | |
./packages/cmf-router/dist/TalendReactCmfRouter.min.js |
12.4 kB | 0 B | |
./packages/cmf-router/dist/TalendReactCmfRouter.min.js.dependencies.json |
1.31 kB | 0 B | |
./packages/cmf/dist/TalendReactCmf.js |
537 kB | 0 B | |
./packages/cmf/dist/TalendReactCmf.js.dependencies.json |
1.33 kB | 0 B | |
./packages/cmf/dist/TalendReactCmf.min.js |
106 kB | 0 B | |
./packages/cmf/dist/TalendReactCmf.min.js.dependencies.json |
1.37 kB | 0 B | |
./packages/components/dist/TalendReactComponents.css |
356 kB | 0 B | |
./packages/components/dist/TalendReactComponents.js |
2.83 MB | 0 B | |
./packages/components/dist/TalendReactComponents.js.dependencies.json |
3.17 kB | 0 B | |
./packages/components/dist/TalendReactComponents.min.css |
183 kB | 0 B | |
./packages/components/dist/TalendReactComponents.min.js |
636 kB | 0 B | |
./packages/components/dist/TalendReactComponents.min.js.dependencies.json |
3.25 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.css |
2.93 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.js |
435 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.js.dependencies.json |
1.56 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.min.css |
1.73 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.min.js |
88.8 kB | 0 B | |
./packages/containers/dist/TalendReactContainers.min.js.dependencies.json |
1.61 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.css |
20.4 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.js |
177 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.js.dependencies.json |
1.39 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.min.css |
7.5 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.min.js |
40 kB | 0 B | |
./packages/datagrid/dist/TalendReactDatagrid.min.js.dependencies.json |
1.43 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.css |
24.3 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.js |
320 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.js.dependencies.json |
1.16 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.min.css |
8.81 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.min.js |
61.5 kB | 0 B | |
./packages/dataviz/dist/TalendReactDataviz.min.js.dependencies.json |
1.19 kB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.css |
155 kB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.js |
1.09 MB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.js.dependencies.json |
1.57 kB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.min.css |
95.5 kB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.min.js |
233 kB | 0 B | |
./packages/design-system/dist/TalendDesignSystem.min.js.dependencies.json |
1.61 kB | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.css |
39 kB | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.js |
34.5 kB | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.js.dependencies.json |
2 B | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.min.css |
36.2 kB | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.min.js |
28.4 kB | 0 B | |
./packages/design-tokens/dist/TalendDesignTokens.min.js.dependencies.json |
2 B | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.css |
32.2 kB | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.js |
371 kB | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.js.dependencies.json |
1.55 kB | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.min.css |
14.3 kB | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.min.js |
92.3 kB | 0 B | |
./packages/faceted-search/dist/TalendReactFacetedSearch.min.js.dependencies.json |
1.6 kB | +28 B (+2%) | |
./packages/flow-designer/dist/TalendReactFlowDesigner.min.js |
49.5 kB | 0 B | |
./packages/flow-designer/dist/TalendReactFlowDesigner.min.js.dependencies.json |
1.08 kB | 0 B | |
./packages/forms/dist/mode-json.js |
48.3 kB | 0 B | |
./packages/forms/dist/mode-python.js |
4.61 kB | 0 B | |
./packages/forms/dist/mode-sql.js |
1.83 kB | 0 B | |
./packages/forms/dist/snippets-json.js |
131 B | 0 B | |
./packages/forms/dist/snippets-python.js |
3.84 kB | 0 B | |
./packages/forms/dist/snippets-sql.js |
972 B | 0 B | |
./packages/forms/dist/TalendReactForms.css |
34.8 kB | 0 B | |
./packages/forms/dist/TalendReactForms.js |
736 kB | 0 B | |
./packages/forms/dist/TalendReactForms.js.dependencies.json |
1.69 kB | 0 B | |
./packages/forms/dist/TalendReactForms.min.css |
11.7 kB | 0 B | |
./packages/forms/dist/TalendReactForms.min.js |
210 kB | 0 B | |
./packages/forms/dist/TalendReactForms.min.js.dependencies.json |
1.73 kB | 0 B | |
./packages/forms/dist/theme-chrome.js |
2.71 kB | 0 B | |
./packages/http/dist/TalendHttp.js |
23.1 kB | 0 B | |
./packages/http/dist/TalendHttp.js.dependencies.json |
2 B | 0 B | |
./packages/http/dist/TalendHttp.min.js |
3.98 kB | 0 B | |
./packages/http/dist/TalendHttp.min.js.dependencies.json |
2 B | 0 B | |
./packages/icons/dist/bundle.js |
1.26 kB | 0 B | |
./packages/icons/dist/info.js |
24.6 kB | 0 B | |
./packages/icons/dist/react.esm.js |
531 kB | 0 B | |
./packages/icons/dist/react.js |
571 kB | 0 B | |
./packages/icons/dist/talend-icons-webfont.css |
16.8 kB | 0 B | |
./packages/icons/dist/talendicons.css |
334 B | 0 B | |
./packages/icons/dist/TalendIcons.js |
643 kB | 0 B | |
./packages/icons/dist/TalendIcons.js.dependencies.json |
128 B | 0 B | |
./packages/icons/dist/TalendIcons.min.js |
554 kB | 0 B | |
./packages/icons/dist/TalendIcons.min.js.dependencies.json |
131 B | 0 B | |
./packages/icons/dist/typeUtils.js |
13.4 kB | 0 B | |
./packages/jsfc/dist/index.js |
86.4 kB | 0 B | |
./packages/jsfc/dist/index.js.dependencies.json |
2 B | 0 B | |
./packages/router-bridge/dist/TalendRouterBridge.js |
92.2 kB | 0 B | |
./packages/router-bridge/dist/TalendRouterBridge.js.dependencies.json |
1.05 kB | 0 B | |
./packages/router-bridge/dist/TalendRouterBridge.min.js |
20.6 kB | 0 B | |
./packages/router-bridge/dist/TalendRouterBridge.min.js.dependencies.json |
1.07 kB | 0 B | |
./packages/sagas/dist/TalendReactSagas.js |
10.9 kB | 0 B | |
./packages/sagas/dist/TalendReactSagas.js.dependencies.json |
348 B | 0 B | |
./packages/sagas/dist/TalendReactSagas.min.js |
1.41 kB | 0 B | |
./packages/sagas/dist/TalendReactSagas.min.js.dependencies.json |
360 B | 0 B | |
./packages/stepper/dist/TalendReactStepper.js |
24.4 kB | 0 B | |
./packages/stepper/dist/TalendReactStepper.js.dependencies.json |
962 B | 0 B | |
./packages/stepper/dist/TalendReactStepper.min.js |
4.05 kB | 0 B | |
./packages/stepper/dist/TalendReactStepper.min.js.dependencies.json |
988 B | 0 B | |
./packages/storybook-docs/dist/globalStyles.js |
0 B | 0 B | 🆕 |
./packages/storybook-docs/dist/globalStyles.min.css |
10.4 kB | 0 B | |
./packages/storybook-docs/dist/managerStyles.js |
0 B | 0 B | 🆕 |
./packages/storybook-docs/dist/managerStyles.min.css |
1.53 kB | 0 B | |
./packages/theme/dist/bootstrap.css |
149 kB | 0 B | |
./packages/theme/dist/bootstrap.js |
2.51 kB | 0 B | |
./packages/theme/dist/bootstrap.js.dependencies.json |
3 B | 0 B |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}