Skip to content

[Snyk] Fix for 1 vulnerabilities#753

Open
chrislin22 wants to merge 1 commit into
2.10_dsfrom
snyk-fix-ca1cfaf27ed62245d4783ea4936433a3
Open

[Snyk] Fix for 1 vulnerabilities#753
chrislin22 wants to merge 1 commit into
2.10_dsfrom
snyk-fix-ca1cfaf27ed62245d4783ea4936433a3

Conversation

@chrislin22

Copy link
Copy Markdown

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • site2/website-next/package.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
critical severity Command Injection
SNYK-JS-REACTDEVUTILS-17890708
  858  

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Command Injection

@chrislin22

Copy link
Copy Markdown
Author

Merge Risk: High

This is a major upgrade from Docusaurus v2 to v3 which includes significant breaking changes. The upgrade requires mandatory code and environment modifications.

Key Breaking Changes:

  • MDX v1 → v3 Upgrade: This is the most impactful change. MDX v3 enforces stricter parsing of Markdown and JSX. Content that compiled successfully in v2 may now fail to build or render differently. You will need to review and likely update .md and .mdx files, particularly those with { or < characters or JSX syntax.

  • Node.js Requirement: Support for Node.js versions below 18.0 has been dropped. You must be on Node.js v18.0 or newer.

  • React 17 → 18 Upgrade: Docusaurus now requires React 18. This may introduce subtle behavioral changes, such as new hydration errors in the console and differences in state update batching. Custom React components should be reviewed.

  • TypeScript Requirement: Requires TypeScript v5.1 or newer.

  • Other Notable Changes:

    • The ::caution admonition is deprecated in favor of ::warning.
    • The default RSS feed limit for blogs is now 20 entries.

Recommendation:
This upgrade requires careful planning. Before upgrading, it is highly recommended to:

  1. Read the official Upgrading to Docusaurus v3 guide thoroughly.
  2. Use the npx docusaurus-mdx-checker command on your v2 project to identify content files that will require modification for MDX v3 compatibility.
  3. Ensure your development and deployment environments are updated to Node.js v18+.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants