forked from vercel/commerce
Fix React Server Components CVE vulnerabilities #5
Draft: malewis5 wants to merge 61 commits into Ecwid:main from malewis5:fix/cve-2025-66478
Co-authored-by: Michael Novotny <manovotny@gmail.com>
The current URL to the Shopify Integration Guide is http://vercel.com/docs/integrations/shopify, which redirects to https://vercel.com/docs/integrations/cms/shopify and shows a 404. The correct URL that holds the same content now seems to be on https://vercel.com/docs/integrations/ecommerce/shopify, which is updated in this commit.
* feat(design): Show carousel above the fold on desktop

  Before this commit, we would not see the carousel without scrolling. The top images are so big that they take most of the space. This made the website look a bit weird, thus I am proposing this change.

* unneeded
commit 408d6eb
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 21:28:45 2024 -0500
    added content

commit af62089
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 20:43:02 2024 -0500
    fixed product recommendations

commit 5c921be
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 20:33:28 2024 -0500
    fixed cart total

commit 63e150e
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 20:14:47 2024 -0500
    fixed update cart

commit 85bd6be
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 19:00:42 2024 -0500
    remove unnecessary cookie usage from sfcc calls

commit 2401bed
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 18:55:39 2024 -0500
    fixed issue with broken getCart

commit f8cc8c3
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 18:23:03 2024 -0500
    updated lib/sfcc for guest tokens

commit bd6129e
Author: Alex <alex.hawley@vercel.com>
Date: Wed Sep 4 15:19:40 2024 -0500
    added now required channel_id

commit eeb805f
Author: Alex <alex.hawley@vercel.com>
Date: Tue Sep 3 17:43:27 2024 -0500
    split out scapi

commit e4f3bb1
Author: Alex <alex.hawley@vercel.com>
Date: Tue Sep 3 16:55:11 2024 -0500
    carried over sfcc work

commit 2616869
Author: Alex <alex.hawley@vercel.com>
Date: Thu Aug 22 15:03:30 2024 -0400
    initial sfcc work
- Modified validateEnvironmentVariables to return properly typed SDK parameters
- Added SFCCSDKParameters interface with proper type constraints
- Improved error messaging for missing environment variables
…utions#17) Co-authored-by: Chris Tate <ctate@users.noreply.github.com>
…gic across cart and checkout actions

- Reformatted `tsconfig.json` for better readability.
- Changed JSX setting from "preserve" to "react-jsx".
- Updated revalidation calls in cart and checkout actions to include a "max" argument for improved cache handling.
- Ensured consistent formatting in function parameters and object entries for better code clarity.
7345963 to 510196d
Updated dependencies to fix Next.js and React CVE vulnerabilities.

The fix-react2shell-next tool automatically updated the following packages to their secure versions:

- next
- react-server-dom-webpack
- react-server-dom-parcel
- react-server-dom-turbopack

All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory.
510196d to a421f54
This PR upgrades dependencies to patch a security vulnerability.
Action required
Please review the changes and run a quick test. If everything looks correct, you can merge this PR. If you prefer to upgrade manually, feel free to close this and apply your own fix.
Thank you.
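
A reviewer can independently confirm the claim that every package.json was patched by listing each declaration of the four named packages and comparing it with the advisory. The sketch below is an added example, not code from this PR or from the fix-react2shell-next tool; `auditManifests`, `classify` and the sample data are hypothetical names, all version strings are constructed placeholders, and it assumes the advisory gives one fixed version per release line.

```javascript
// Added example, not code from this PR. Package names are from the commit
// message; every version string here is constructed sample data.
const TRACKED = ['next', 'react-server-dom-webpack',
  'react-server-dom-parcel', 'react-server-dom-turbopack'];
const SECTIONS = ['dependencies', 'devDependencies', 'peerDependencies',
  'optionalDependencies', 'overrides', 'resolutions'];

// "^1.2.3" -> [1, 2, 3]; null for specs with no plain x.y.z lower bound
// ("latest", "workspace:*", git URLs), which are left for manual review.
function parseVersion(spec) {
  const m = /^[\^~=v]*(\d+)\.(\d+)\.(\d+)/.exec(String(spec).trim());
  return m ? m.slice(1, 4).map(Number) : null;
}

// fixed: { name: ["x.y.z", ...] }, one fixed version per release line (assumed
// shape; the reviewer copies the real values from the advisory).
function classify(name, spec, fixed) {
  const have = parseVersion(spec);
  if (!have) return 'review';
  const line = (fixed[name] || []).map(parseVersion)
    .find((f) => f && f[0] === have[0] && f[1] === have[1]);
  if (!line) return 'review';            // no fixed version known for this line
  return have[2] < line[2] ? 'below-fixed' : 'ok';
}

// manifests: { "path/to/package.json": parsedObject }
function auditManifests(manifests, fixed) {
  const findings = [];
  for (const [file, pkg] of Object.entries(manifests)) {
    for (const section of SECTIONS) {
      for (const name of TRACKED) {
        const spec = pkg[section] && pkg[section][name];
        if (typeof spec !== 'string') continue;   // absent or nested override
        findings.push({ file, section, name, spec, status: classify(name, spec, fixed) });
      }
    }
  }
  return findings;
}

// Constructed manifests and constructed "fixed" versions (placeholders).
const SAMPLE_MANIFESTS = {
  'package.json': { dependencies: { next: '^1.2.3', react: '1.0.0' } },
  'apps/shop/package.json': {
    dependencies: { 'react-server-dom-webpack': '1.2.9' },
    devDependencies: { 'react-server-dom-parcel': 'latest', next: '2.0.0' } },
};
const SAMPLE_FIXED = { next: ['1.2.5'], 'react-server-dom-webpack': ['1.2.9'] };
```

A `below-fixed` result means the lower bound of the declared range admits an unpatched version, so the lockfile should be checked as well; `review` covers specs and release lines the check cannot decide.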