Skip to content

fix: align with using yarn, remove pnpm in workflow#839

Merged
zengzengzenghuy merged 5 commits into
mainfrom
dev
Apr 10, 2026
Merged

fix: align with using yarn, remove pnpm in workflow#839
zengzengzenghuy merged 5 commits into
mainfrom
dev

Conversation

@zengzengzenghuy

Copy link
Copy Markdown
Contributor

No description provided.

@zengzengzenghuy zengzengzenghuy requested review from a team and 0xarmagan as code owners April 10, 2026 08:44
@socket-security

socket-security Bot commented Apr 10, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedreact@​18.0.01001007897100
Addedreact-twitter-embed@​4.0.49910010080100
Addedprism-react-renderer@​1.3.59610010086100
Addedreact-player@​2.15.110010010086100
Addedsass-loader@​13.3.39810010087100
Addedreact-dom@​18.0.0931008998100
Addedreact-hook-form@​7.47.09810010093100
Addedsass@​1.56.110010010095100

View full report

@zengzengzenghuy

Copy link
Copy Markdown
Contributor Author

Regarding security-audit failure:
The vulnerability is low and the reason comes from webpack. To fix it, we need to upgrade webpack to >=5.104.1, but it will break Docusaurus 3.9.2's ProgressPlugin. We can ignore the error.

@zengzengzenghuy zengzengzenghuy merged commit 3815f15 into main Apr 10, 2026
9 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants