From d95f0e55598885a6b7a5bbc04bbbe318075a4128 Mon Sep 17 00:00:00 2001 From: yangshiqi Date: Wed, 26 Feb 2025 19:59:44 +0800 Subject: [PATCH 1/4] upgrade body-parser when body-parser <1.20.3, cause: CVE-2024-45590 Signed-off-by: yangshiqi --- packages/web/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/web/package.json b/packages/web/package.json index ba80ebc..3601870 100644 --- a/packages/web/package.json +++ b/packages/web/package.json @@ -21,7 +21,7 @@ "@tabler/icons-vue": "^2.36.0", "animate.css": "v4.1.1", "axios": "1.5.1", - "body-parser": "1.20.2", + "body-parser": "1.20.3", "bootstrap": "5.3.1", "core-js": "^3.8.3", "crypto-browserify": "^3.12.0", From d258e003ef698d51538f9f41e7089a1e69f77f49 Mon Sep 17 00:00:00 2001 From: yangshiqi Date: Wed, 26 Feb 2025 20:06:04 +0800 Subject: [PATCH 2/4] when axios <=1.7.2, cause: CVE-2024-39338 Signed-off-by: yangshiqi --- packages/web/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/web/package.json b/packages/web/package.json index 3601870..285bf15 100644 --- a/packages/web/package.json +++ b/packages/web/package.json @@ -20,7 +20,7 @@ "@tabler/core": "1.0.0-beta20", "@tabler/icons-vue": "^2.36.0", "animate.css": "v4.1.1", - "axios": "1.5.1", + "axios": "^1.7.4", "body-parser": "1.20.3", "bootstrap": "5.3.1", "core-js": "^3.8.3", From fad2094474a598a6144c284c6e7e198a2aea2b34 Mon Sep 17 00:00:00 2001 From: yangshiqi Date: Wed, 26 Feb 2025 20:35:16 +0800 Subject: [PATCH 3/4] remove warnings and correct the version and author Signed-off-by: yangshiqi --- package.json | 10 +++++----- packages/web/package.json | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index b8c5b71..df91a4c 100644 --- a/package.json +++ b/package.json @@ -1,10 +1,10 @@ { - "name": "hami-webui", - "version": "0.0.1", - "description": "", - "author": "", + "name": "hami-webui-cli", + "version": "1.0.1", + "description": "a CLI for HAMi", + "author": "RiseUnion", "private": true, - "license": "UNLICENSED", + "license": "Apache-2.0", "scripts": { "build": "nest build", "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"", diff --git a/packages/web/package.json b/packages/web/package.json index 285bf15..3eed72a 100644 --- a/packages/web/package.json +++ b/packages/web/package.json @@ -1,6 +1,6 @@ { - "name": "", - "version": "0.1.0", + "name": "hami-webui", + "version": "1.0.1", "private": true, "scripts": { "start": "export NODE_ENV=development && vue-cli-service serve", From 6b6a08f97130e09571781b8f5d91e12e2f00ee90 Mon Sep 17 00:00:00 2001 From: yangshiqi Date: Wed, 26 Feb 2025 21:18:29 +0800 Subject: [PATCH 4/4] =?UTF-8?q?web=E4=B8=AD=E4=B8=8D=E9=9C=80=E8=A6=81=20b?= =?UTF-8?q?ody-parser=EF=BC=8C=E5=8E=BB=E6=8E=89=E5=BC=95=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: yangshiqi --- packages/web/package.json | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/web/package.json b/packages/web/package.json index 3eed72a..0273366 100644 --- a/packages/web/package.json +++ b/packages/web/package.json @@ -21,7 +21,6 @@ "@tabler/icons-vue": "^2.36.0", "animate.css": "v4.1.1", "axios": "^1.7.4", - "body-parser": "1.20.3", "bootstrap": "5.3.1", "core-js": "^3.8.3", "crypto-browserify": "^3.12.0",