Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: upgrade dependencies to fix security vulnerabilities #33040

Merged
merged 4 commits into from
Oct 15, 2024
Merged

chore: upgrade dependencies to fix security vulnerabilities #33040

merged 4 commits into from
Oct 15, 2024

Conversation

marcosmoura
Copy link
Contributor

@marcosmoura marcosmoura commented Oct 15, 2024
edited
Loading

This PR fixes the CVE-2024-4068 vulnerability issue, by upgrading some dependencies, specially braces to 3.0.3.

@fabricteam
Copy link
Collaborator

fabricteam commented Oct 15, 2024
edited
Loading

Perf Analysis (@fluentui/react-components)

Scenario Render type Master Ticks PR Ticks Iterations Status
FluentProviderWithTheme virtual-rerender 35 35 10 Possible regression
All results

Scenario Render type Master Ticks PR Ticks Iterations Status
Avatar mount 632 636 5000
Button mount 293 302 5000
Field mount 1129 1117 5000
FluentProvider mount 704 724 5000
FluentProviderWithTheme mount 81 88 10
FluentProviderWithTheme virtual-rerender 35 35 10 Possible regression
FluentProviderWithTheme virtual-rerender-with-unmount 71 79 10
MakeStyles mount 849 864 50000
Persona mount 1750 1697 5000
SpinButton mount 1419 1430 5000
SwatchPicker mount 1660 1617 5000

@fabricteam
Copy link
Collaborator

🕵 fluentui-web-components-v3 No visual regressions between this PR and main

@fabricteam
Copy link
Collaborator

fabricteam commented Oct 15, 2024
edited
Loading

Perf Analysis (@fluentui/react-northstar)

Perf tests with no regressions
Scenario Current PR Ticks Baseline Ticks Ratio
AttachmentMinimalPerf.default 94 79 1.19:1
TreeWith60ListItems.default 100 86 1.16:1
ChatDuplicateMessagesPerf.default 162 142 1.14:1
LoaderMinimalPerf.default 212 194 1.09:1
SegmentMinimalPerf.default 213 198 1.08:1
ChatWithPopoverPerf.default 203 189 1.07:1
ProviderMergeThemesPerf.default 677 631 1.07:1
AnimationMinimalPerf.default 315 298 1.06:1
ButtonSlotsPerf.default 336 317 1.06:1
CardMinimalPerf.default 321 304 1.06:1
RefMinimalPerf.default 116 109 1.06:1
IconMinimalPerf.default 409 385 1.06:1
RosterPerf.default 1663 1579 1.05:1
PortalMinimalPerf.default 88 84 1.05:1
BoxMinimalPerf.default 204 196 1.04:1
ItemLayoutMinimalPerf.default 732 701 1.04:1
ListCommonPerf.default 389 375 1.04:1
PopupMinimalPerf.default 363 350 1.04:1
VideoMinimalPerf.default 437 422 1.04:1
DropdownManyItemsPerf.default 404 393 1.03:1
FormMinimalPerf.default 225 219 1.03:1
InputMinimalPerf.default 538 524 1.03:1
LabelMinimalPerf.default 221 214 1.03:1
MenuMinimalPerf.default 527 514 1.03:1
ReactionMinimalPerf.default 219 212 1.03:1
SliderMinimalPerf.default 743 724 1.03:1
TextMinimalPerf.default 201 195 1.03:1
TooltipMinimalPerf.default 1312 1268 1.03:1
DropdownMinimalPerf.default 1450 1426 1.02:1
GridMinimalPerf.default 195 191 1.02:1
HeaderMinimalPerf.default 211 206 1.02:1
ListNestedPerf.default 342 335 1.02:1
ProviderMinimalPerf.default 205 200 1.02:1
RadioGroupMinimalPerf.default 274 268 1.02:1
CarouselMinimalPerf.default 261 259 1.01:1
FlexMinimalPerf.default 158 157 1.01:1
ListMinimalPerf.default 323 320 1.01:1
SkeletonMinimalPerf.default 198 196 1.01:1
TextAreaMinimalPerf.default 306 304 1.01:1
TreeMinimalPerf.default 493 487 1.01:1
AttachmentSlotsPerf.default 657 655 1:1
DividerMinimalPerf.default 206 207 1:1
ImageMinimalPerf.default 223 222 1:1
LayoutMinimalPerf.default 203 202 1:1
ListWith60ListItems.default 380 381 1:1
SplitButtonMinimalPerf.default 2290 2285 1:1
TableMinimalPerf.default 239 240 1:1
AvatarMinimalPerf.default 108 109 0.99:1
ButtonOverridesMissPerf.default 664 671 0.99:1
DialogMinimalPerf.default 446 452 0.99:1
EmbedMinimalPerf.default 1908 1918 0.99:1
MenuButtonMinimalPerf.default 955 966 0.99:1
TableManyItemsPerf.default 1120 1133 0.99:1
CustomToolbarPrototype.default 1507 1527 0.99:1
AccordionMinimalPerf.default 85 87 0.98:1
ChatMinimalPerf.default 434 445 0.98:1
CheckboxMinimalPerf.default 1143 1167 0.98:1
ToolbarMinimalPerf.default 555 564 0.98:1
DatepickerMinimalPerf.default 3635 3742 0.97:1
HeaderSlotsPerf.default 474 489 0.97:1
AlertMinimalPerf.default 156 164 0.95:1
StatusMinimalPerf.default 385 404 0.95:1
ButtonMinimalPerf.default 82 89 0.92:1

fabricteam
fabricteam reviewed Oct 15, 2024
View reviewed changes
yarn.lock Show resolved Hide resolved
@fabricteam
Copy link
Collaborator

🕵 FluentUIV0 No visual regressions between this PR and main

@fabricteam
Copy link
Collaborator

📊 Bundle size report

✅ No changes found

fabricteam
fabricteam reviewed Oct 15, 2024
View reviewed changes
yarn.lock Show resolved Hide resolved
@fabricteam
Copy link
Collaborator

fabricteam commented Oct 15, 2024
edited
Loading

Perf Analysis (@fluentui/react)

No significant results to display.

All results

Scenario Render type Master Ticks PR Ticks Iterations Status
BaseButton mount 634 636 5000
Breadcrumb mount 1686 1712 1000
Checkbox mount 1722 1715 5000
CheckboxBase mount 1502 1487 5000
ChoiceGroup mount 3052 3001 5000
ComboBox mount 671 667 1000
CommandBar mount 6612 6614 1000
ContextualMenu mount 12414 12652 1000
DefaultButton mount 815 790 5000
DetailsRow mount 2300 2239 5000
DetailsRowFast mount 2214 2246 5000
DetailsRowNoStyles mount 2089 2048 5000
Dialog mount 2825 2709 1000
DocumentCardTitle mount 242 233 1000
Dropdown mount 2004 2025 5000
FocusTrapZone mount 1165 1180 5000
FocusZone mount 1073 1054 5000
GroupedList mount 42708 42867 2
GroupedList virtual-rerender 20605 20353 2
GroupedList virtual-rerender-with-unmount 52453 52297 2
GroupedListV2 mount 227 235 2
GroupedListV2 virtual-rerender 223 226 2
GroupedListV2 virtual-rerender-with-unmount 239 241 2
IconButton mount 1146 1147 5000
Label mount 340 352 5000
Layer mount 2741 2775 5000
Link mount 399 403 5000
MenuButton mount 1012 975 5000
MessageBar mount 21693 21632 5000
Nav mount 2030 2022 1000
OverflowSet mount 798 820 5000
Panel mount 1840 1878 1000
Persona mount 738 781 1000
Pivot mount 901 916 1000
PrimaryButton mount 942 951 5000
Rating mount 4739 4748 5000
SearchBox mount 908 922 5000
Shimmer mount 1955 1932 5000
Slider mount 1375 1358 5000
SpinButton mount 3001 2989 5000
Spinner mount 385 396 5000
SplitButton mount 1885 1905 5000
Stack mount 431 429 5000
StackWithIntrinsicChildren mount 875 893 5000
StackWithTextChildren mount 2797 2769 5000
SwatchColorPicker mount 6470 6442 5000
TagPicker mount 1486 1483 5000
Text mount 394 400 5000
TextField mount 943 907 5000
ThemeProvider mount 869 864 5000
ThemeProvider virtual-rerender 592 582 5000
ThemeProvider virtual-rerender-with-unmount 1297 1308 5000
Toggle mount 633 639 5000
buttonNative mount 190 194 5000

@marcosmoura marcosmoura changed the title (DO NOT MERGE) - chore: upgrade dependencies after audit chore: upgrade dependencies to fix security vulnerabilities Oct 15, 2024
@marcosmoura marcosmoura marked this pull request as ready for review October 15, 2024 11:42
@marcosmoura marcosmoura requested a review from a team as a code owner October 15, 2024 11:42
@marcosmoura marcosmoura merged commit 1af9fc8 into microsoft:master Oct 15, 2024
23 checks passed
@marcosmoura marcosmoura deleted the chore/yarn-audit-versions branch October 15, 2024 14:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabricteam fabricteam fabricteam left review comments

@Hotell Hotell Hotell approved these changes

Assignees

@marcosmoura marcosmoura

Labels
Area: Build System
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marcosmoura @fabricteam @Hotell