Niklas/shadcn-vue
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: replace lodash.template with lodash-es to prevent vulnerabilities (#515)

Browse Source
This commit is contained in:
Sadegh Barati 2024-04-25 18:33:26 +03:30 committed by GitHub
parent 919770c6ca
commit 5f774f83d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 21 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/www/package.json
View File

@ -52,7 +52,7 @@
"@iconify/vue": "^4.1.2",
"@oxc-parser/wasm": "^0.1.0",
"@shikijs/transformers": "^1.3.0",
"@types/lodash.template": "^4.5.3",
"@types/lodash-es": "^4.17.12",
"@types/node": "^20.12.7",
"@vitejs/plugin-vue": "^5.0.4",
"@vitejs/plugin-vue-jsx": "^3.1.0",
@ -60,7 +60,7 @@
"@vue/compiler-dom": "^3.4.24",
"@vue/tsconfig": "^0.5.1",
"autoprefixer": "^10.4.19",
"lodash.template": "^4.5.0",
"lodash-es": "^4.17.21",
"pathe": "^1.1.2",
"rimraf": "^5.0.5",
"shiki": "^1.3.0",

4
apps/www/scripts/build-registry.ts
View File

@ -1,6 +1,6 @@
import fs from 'node:fs'
import path, { basename } from 'node:path'
import template from 'lodash.template'
import { template } from 'lodash-es'
import { rimraf } from 'rimraf'
import { colorMapping, colors } from '../src/lib/registry/colors'
@ -40,7 +40,7 @@ for (const style of styles) {
file => `../src/lib/registry/${style.name}/${file}`,
)
const type = item.type.split(':')[1]
// const type = item.type.split(':')[1]
index += `
"${item.name}": {
name: "${item.name}",

4
packages/cli/package.json
View File

@ -55,7 +55,7 @@
"diff": "^5.2.0",
"fs-extra": "^11.2.0",
"https-proxy-agent": "^7.0.4",
"lodash.template": "^4.5.0",
"lodash-es": "^4.17.21",
"magic-string": "^0.30.10",
"nypm": "^0.3.8",
"ofetch": "^1.3.4",
@ -71,7 +71,7 @@
"@types/babel__core": "^7.20.5",
"@types/diff": "^5.2.0",
"@types/fs-extra": "^11.0.4",
"@types/lodash.template": "^4.5.3",
"@types/lodash-es": "^4.5.3",
"@types/node": "^20.11.30",
"@types/prompts": "^2.4.9",
"@vitest/ui": "^0.34.4",

2
packages/cli/src/commands/init.ts
View File

@ -2,7 +2,7 @@ import { existsSync, promises as fs } from 'node:fs'
import process from 'node:process'
import path from 'pathe'
import { Command } from 'commander'
import template from 'lodash.template'
import { template } from 'lodash-es'
import ora from 'ora'
import prompts from 'prompts'
import { z } from 'zod'

48
pnpm-lock.yaml
View File

@ -147,9 +147,9 @@ importers:
'@shikijs/transformers':
specifier: ^1.3.0
version: 1.3.0
'@types/lodash.template':
specifier: ^4.5.3
version: 4.5.3
'@types/lodash-es':
specifier: ^4.17.12
version: 4.17.12
'@types/node':
specifier: ^20.12.7
version: 20.12.7
@ -171,9 +171,9 @@ importers:
autoprefixer:
specifier: ^10.4.19
version: 10.4.19(postcss@8.4.38)
lodash.template:
specifier: ^4.5.0
version: 4.5.0
lodash-es:
specifier: ^4.17.21
version: 4.17.21
pathe:
specifier: ^1.1.2
version: 1.1.2
@ -237,9 +237,9 @@ importers:
https-proxy-agent:
specifier: ^7.0.4
version: 7.0.4
lodash.template:
specifier: ^4.5.0
version: 4.5.0
lodash-es:
specifier: ^4.17.21
version: 4.17.21
magic-string:
specifier: ^0.30.10
version: 0.30.10
@ -280,9 +280,9 @@ importers:
'@types/fs-extra':
specifier: ^11.0.4
version: 11.0.4
'@types/lodash.template':
'@types/lodash-es':
specifier: ^4.5.3
version: 4.5.3
version: 4.17.12
'@types/node':
specifier: ^20.11.30
version: 20.12.7
@ -2052,8 +2052,8 @@ packages:
'@types/linkify-it@3.0.5':
resolution: {integrity: sha512-yg6E+u0/+Zjva+buc3EIb+29XEg4wltq7cSmd4Uc2EE/1nUVmxyzpX6gUXD0V8jIrG0r7YeOGVIbYRkxeooCtw==}
'@types/lodash.template@4.5.3':
resolution: {integrity: sha512-Mo0UYKLu1oXgkV9TVoXZLlXXjyIXlW7ZQRxi/4gQJmzJr63dmicE8gG0OkPjYTKBrBic852q0JzqrtNUWLBIyA==}
'@types/lodash-es@4.17.12':
resolution: {integrity: sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==}
'@types/lodash@4.17.0':
resolution: {integrity: sha512-t7dhREVv6dbNj0q17X12j7yDG4bD/DHYX7o5/DbDxobP0HnGPgpRz2Ej77aL7TZT3DSw13fqUTj8J4mMnqa7WA==}
@ -4880,9 +4880,6 @@ packages:
lodash-es@4.17.21:
resolution: {integrity: sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==}
lodash._reinterpolate@3.0.0:
resolution: {integrity: sha512-xYHt68QRoYGjeeM/XOE1uJtvXQAgvszfBhjV4yvsQH0u2i9I6cI6c6/eG4Hh3UAOVn0y/xAXwmTzEay49Q//HA==}
lodash.camelcase@4.3.0:
resolution: {integrity: sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==}
@ -4916,12 +4913,6 @@ packages:
lodash.startcase@4.4.0:
resolution: {integrity: sha512-+WKqsK294HMSc2jEbNgpHpd0JfIBhp7rEV4aqXWqFr6AlXov+SlcgB1Fv01y2kGe3Gc8nMW7VA0SrGuSkRfIEg==}
lodash.template@4.5.0:
resolution: {integrity: sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==}
lodash.templatesettings@4.2.0:
resolution: {integrity: sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==}
lodash.uniq@4.5.0:
resolution: {integrity: sha512-xfBaXQd9ryd9dlSDvnvI0lvxfLJlYAZzXomUYzLKtUeOQvOP5piqAWuGtrhWeqaXK9hhoM/iyJc5AV+XfsX3HQ==}
@ -9427,7 +9418,7 @@ snapshots:
'@types/linkify-it@3.0.5': {}
'@types/lodash.template@4.5.3':
'@types/lodash-es@4.17.12':
dependencies:
'@types/lodash': 4.17.0
@ -12790,8 +12781,6 @@ snapshots:
lodash-es@4.17.21: {}
lodash._reinterpolate@3.0.0: {}
lodash.camelcase@4.3.0: {}
lodash.defaults@4.2.0: {}
@ -12814,15 +12803,6 @@ snapshots:
lodash.startcase@4.4.0: {}
lodash.template@4.5.0:
dependencies:
lodash._reinterpolate: 3.0.0
lodash.templatesettings: 4.2.0
lodash.templatesettings@4.2.0:
dependencies:
lodash._reinterpolate: 3.0.0
lodash.uniq@4.5.0: {}
lodash.upperfirst@4.3.1: {}