Skip to content

Commit

Permalink
fix: replace lodash.template with lodash-es to prevent vulnerabil…
Browse files Browse the repository at this point in the history 
…ities (#515)
  • Loading branch information
@sadeghbarati
sadeghbarati authored Apr 25, 2024
1 parent 919770c commit 5f774f8
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 41 deletions.
4 changes: 2 additions & 2 deletions apps/www/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,15 +52,15 @@
"@iconify/vue": "^4.1.2",
"@oxc-parser/wasm": "^0.1.0",
"@shikijs/transformers": "^1.3.0",
"@types/lodash.template": "^4.5.3",
"@types/lodash-es": "^4.17.12",
"@types/node": "^20.12.7",
"@vitejs/plugin-vue": "^5.0.4",
"@vitejs/plugin-vue-jsx": "^3.1.0",
"@vue/compiler-core": "^3.4.24",
"@vue/compiler-dom": "^3.4.24",
"@vue/tsconfig": "^0.5.1",
"autoprefixer": "^10.4.19",
"lodash.template": "^4.5.0",
"lodash-es": "^4.17.21",
"pathe": "^1.1.2",
"rimraf": "^5.0.5",
"shiki": "^1.3.0",
Expand Down
4 changes: 2 additions & 2 deletions apps/www/scripts/build-registry.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import fs from 'node:fs'
import path, { basename } from 'node:path'
import template from 'lodash.template'
import { template } from 'lodash-es'
import { rimraf } from 'rimraf'

import { colorMapping, colors } from '../src/lib/registry/colors'
Expand Down Expand Up @@ -40,7 +40,7 @@ for (const style of styles) {
file => `../src/lib/registry/${style.name}/${file}`,
)

const type = item.type.split(':')[1]
// const type = item.type.split(':')[1]
index += `
"${item.name}": {
name: "${item.name}",
Expand Down
4 changes: 2 additions & 2 deletions packages/cli/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@
"diff": "^5.2.0",
"fs-extra": "^11.2.0",
"https-proxy-agent": "^7.0.4",
"lodash.template": "^4.5.0",
"lodash-es": "^4.17.21",
"magic-string": "^0.30.10",
"nypm": "^0.3.8",
"ofetch": "^1.3.4",
Expand All @@ -71,7 +71,7 @@
"@types/babel__core": "^7.20.5",
"@types/diff": "^5.2.0",
"@types/fs-extra": "^11.0.4",
"@types/lodash.template": "^4.5.3",
"@types/lodash-es": "^4.5.3",
"@types/node": "^20.11.30",
"@types/prompts": "^2.4.9",
"@vitest/ui": "^0.34.4",
Expand Down
2 changes: 1 addition & 1 deletion packages/cli/src/commands/init.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import { existsSync, promises as fs } from 'node:fs'
import process from 'node:process'
import path from 'pathe'
import { Command } from 'commander'
import template from 'lodash.template'
import { template } from 'lodash-es'
import ora from 'ora'
import prompts from 'prompts'
import { z } from 'zod'
Expand Down
48 changes: 14 additions & 34 deletions pnpm-lock.yaml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 5f774f8

Please sign in to comment.