Skip to content
Launch GitLab Knowledge Graph

Upgrade outdated npm dependencies with known vulnerabilities

Description

Our web-dashboard has several outdated npm dependencies that have known security vulnerabilities. We need to upgrade these packages to secure versions.

Dependencies to Update

  • lodash (CVE-2020-8203)
  • minimist (CVE-2020-7598)
  • axios <1.6.0 (CVE-2023-45857)

Acceptance Criteria

  • Update package.json with latest secure versions
  • Run npm audit and ensure no high/critical vulnerabilities
  • Test application after upgrades
  • Update package-lock.json

cc @bill @sabrina