-
Notifications
You must be signed in to change notification settings - Fork 0
Description
The version of Laravel mix depends on a version of webpack-dev-server which has a moderate security issues. You can see this by running npm audit.
webpack-dev-server <=5.2.0
Severity: moderate
webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser - https://github.com/advisories/GHSA-9jgg-88mc-972h
webpack-dev-server users' source code may be stolen when they access a malicious web site - https://github.com/advisories/GHSA-4v9v-hfq4-rm2v
No fix available
node_modules/webpack-dev-server
laravel-mix *
Depends on vulnerable versions of webpack-dev-server
node_modules/laravel-mix
Laravel deprecated Mix and it hasn't been updated since 2020.
Acceptance Criteria
- Determine if we can replace Laravel Mix with Vite
- Update the theme
- Document update process for subthemes.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels