Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix npm package vuln and remove unused packages #71

Merged
merged 2 commits into from
Mar 7, 2024

Conversation

chapati23
Copy link
Contributor

npm audit identified a vulnerability in @apollo/experimental-nextjs-app-support

While I was updating it, I ran npx depcheck and saw that there were quite a few unused packages in here. I removed them :)

  • Fixed vuln in @apollo/experimental-nextjs-app-support
  • Added npm run depcheck task to check for unused packages
  • Added depcheck task to pre-push githook to always check for unused packages before pushing
  • Ran the app locally again to make sure everything still works and it all looked fine

added depcheck to always check for unused packages
on pre-push
Copy link

vercel bot commented Mar 6, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
governance-ui ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 7, 2024 1:43pm

@chapati23 chapati23 merged commit f6e4459 into develop Mar 7, 2024
3 checks passed
@chapati23 chapati23 deleted the fix/npm-package-vulnerability branch March 7, 2024 16:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants