BreizhHardware/Site-comptage-heure
1
0
Fork 0
mirror of https://github.com/BreizhHardware/Site-comptage-heure.git synced 2026-05-09 08:15:31 +02:00
Code Issues 64 Projects Packages Wiki Activity

[PR #34] [MERGED] Fix/react CVE #90

New issue
Closed
opened 2026-05-06 12:18:40 +02:00 by BreizhHardware · 0 comments
BreizhHardware commented 2026-05-06 12:18:40 +02:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/BreizhHardware/Site-comptage-heure/pull/34
Author: @BreizhHardware
Created: 12/12/2025
Status: Merged
Merged: 12/12/2025
Merged by: @BreizhHardware

Base: devHead: fix/React-CVE

📝 Commits (2)

  • 5eb24a5 fix: Mettre à jour les dépendances pour améliorer la sécurité et la stabilité
  • 12ab33b fix: Supprimer les fichiers de configuration inutilisés dans le répertoire .idea

📊 Changes

5 files changed (+132 additions, -167 deletions)

View changed files

.idea/.gitignore (+0 -8)
.idea/discord.xml (+0 -14)
.idea/material_theme_project_new.xml (+0 -13)
📝 package.json (+4 -4)
📝 pnpm-lock.yaml (+128 -128)

📄 Description

This pull request primarily updates several dependencies to their latest patch versions and removes some IDE-specific configuration files. The updates focus on the next, tailwindcss, and related packages, as well as some minor dependency bumps for improved compatibility and bug fixes. Additionally, old .idea configuration files are cleaned up from version control.

Dependency updates:

  • Upgraded next from version 16.0.7 to 16.0.10 in both package.json and pnpm-lock.yaml, along with all associated @next sub-packages. This brings in the latest bug fixes and improvements from the Next.js team. [1] [2] [3] [4] [5]
  • Updated tailwindcss and related packages (such as @tailwindcss/postcss, @tailwindcss/node, @tailwindcss/oxide, etc.) from 4.1.17 to 4.1.18, ensuring the latest features and fixes are included. [1] [2] [3] [4] [5] [6]
  • Bumped @types/node from 24.10.1 to 24.10.3 to keep TypeScript type definitions up-to-date. [1] [2] [3]
  • Updated a few other minor dependencies in the lockfile, such as caniuse-lite and enhanced-resolve, for better compatibility. [1] [2]

Project configuration cleanup:

  • Removed .idea/.gitignore, .idea/discord.xml, and .idea/material_theme_project_new.xml from version control, reducing clutter and preventing IDE-specific settings from being tracked in the repository. [1] [2] [3]

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/BreizhHardware/Site-comptage-heure/pull/34 **Author:** [@BreizhHardware](https://github.com/BreizhHardware) **Created:** 12/12/2025 **Status:** ✅ Merged **Merged:** 12/12/2025 **Merged by:** [@BreizhHardware](https://github.com/BreizhHardware) **Base:** `dev` ← **Head:** `fix/React-CVE` --- ### 📝 Commits (2) - [`5eb24a5`](https://github.com/BreizhHardware/Site-comptage-heure/commit/5eb24a55fda93d1505519ddf3fbd7796b186aacd) fix: Mettre à jour les dépendances pour améliorer la sécurité et la stabilité - [`12ab33b`](https://github.com/BreizhHardware/Site-comptage-heure/commit/12ab33bfcd5a8f2bee1397d77de38fd1c57cab73) fix: Supprimer les fichiers de configuration inutilisés dans le répertoire .idea ### 📊 Changes **5 files changed** (+132 additions, -167 deletions) <details> <summary>View changed files</summary> ➖ `.idea/.gitignore` (+0 -8) ➖ `.idea/discord.xml` (+0 -14) ➖ `.idea/material_theme_project_new.xml` (+0 -13) 📝 `package.json` (+4 -4) 📝 `pnpm-lock.yaml` (+128 -128) </details> ### 📄 Description This pull request primarily updates several dependencies to their latest patch versions and removes some IDE-specific configuration files. The updates focus on the `next`, `tailwindcss`, and related packages, as well as some minor dependency bumps for improved compatibility and bug fixes. Additionally, old `.idea` configuration files are cleaned up from version control. Dependency updates: * Upgraded `next` from version `16.0.7` to `16.0.10` in both `package.json` and `pnpm-lock.yaml`, along with all associated `@next` sub-packages. This brings in the latest bug fixes and improvements from the Next.js team. [[1]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L35-R35) [[2]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL70-R74) [[3]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL350-R396) [[4]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL1729-R1730) [[5]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL2477-R2500) * Updated `tailwindcss` and related packages (such as `@tailwindcss/postcss`, `@tailwindcss/node`, `@tailwindcss/oxide`, etc.) from `4.1.17` to `4.1.18`, ensuring the latest features and fixes are included. [[1]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L50-R57) [[2]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL110-R117) [[3]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL131-R132) [[4]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL782-R840) [[5]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL851-R868) [[6]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL2124-R2125) * Bumped `@types/node` from `24.10.1` to `24.10.3` to keep TypeScript type definitions up-to-date. [[1]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L50-R57) [[2]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL110-R117) [[3]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL879-R880) * Updated a few other minor dependencies in the lockfile, such as `caniuse-lite` and `enhanced-resolve`, for better compatibility. [[1]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL1044-R1045) [[2]](diffhunk://#diff-32824c984905bb02bc7ffcef96a77addd1f1602cff71a11fbbfdd7f53ee026bbL1246-R1247) Project configuration cleanup: * Removed `.idea/.gitignore`, `.idea/discord.xml`, and `.idea/material_theme_project_new.xml` from version control, reducing clutter and preventing IDE-specific settings from being tracked in the repository. [[1]](diffhunk://#diff-21610973868a98feff98dd0460438a8a32cca1447bc8701537ec5048e0c5faebL1-L8) [[2]](diffhunk://#diff-036da77e0e4b2f4e042049d9b20f5cfc4a347bc1e01391bd3bf3bc8ae4601768L1-L14) [[3]](diffhunk://#diff-36c738133cb28c8c4567d8b1825298a23197d472679d924ddb81e1e18641c707L1-L13) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
BreizhHardware 2026-05-06 12:18:40 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dev
dependabot/docker/dev/node-25-alpine
dependabot/npm_and_yarn/dev/prisma-6.18.0
dependabot/npm_and_yarn/dev/prisma/client-6.18.0
dependabot/npm_and_yarn/dev/lucide-react-0.548.0
dependabot/npm_and_yarn/dev/tailwindcss-4.1.16
dependabot/npm_and_yarn/dev/tailwindcss/postcss-4.1.16
V1
No results found.
Labels
Clear labels   
audit

   
audit

   
enhancement

   
enhancement

   
enhancement

   
pull-request
Mirrored from GitHub Pull Request

  
security

   
security
No labels
audit
audit
enhancement
enhancement
enhancement
pull-request
security
security
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
BreizhHardware/Site-comptage-heure#90
No description provided.