chore(deps): npm audit fix --force — closes 12 deferred vulnerabilities
User explicitly authorized the major-version bump after the loop flagged it as deferred. Two breaking-change upgrades land: - electron-builder: 25.1.8 → 26.8.1 - electron: 33.4.11 → 41.3.0 Plus the transitive cleanup that the audit chain (@tootallnate/once, http-proxy-agent, make-fetch-happen, node-gyp, @electron/rebuild, app-builder-lib, dmg-builder, electron-builder-squirrel-windows, tar, cacache, brace-expansion, @xmldom/xmldom) required. Vulnerability count: 12 → 0. 35 packages added, 138 removed, 39 changed. Verified: 126/126 unit tests still green. NSIS+portable build runs end-to-end on the new toolchain (artifacts ~100 MB each due to the electron 41 baseline). Renderer is Chromium-based as before; no behaviour change expected on the user side, just a more current runtime + signed-build pipeline.
This commit is contained in:
Administrator
parent
bd41aff769
commit
d650a7395a
2543
package-lock.json
generated
2543
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@ -16,8 +16,8 @@
|
|||||||
"ws": "^8.19.0"
|
"ws": "^8.19.0"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"electron": "^33.0.0",
|
"electron": "^41.3.0",
|
||||||
"electron-builder": "^25.0.0",
|
"electron-builder": "^26.8.1",
|
||||||
"eslint": "^10.1.0",
|
"eslint": "^10.1.0",
|
||||||
"eslint-plugin-security": "^4.0.0",
|
"eslint-plugin-security": "^4.0.0",
|
||||||
"rcedit": "^4.0.1"
|
"rcedit": "^4.0.1"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user