[Snyk] Upgrade vue from 3.4.15 to 3.4.29 #17

Closed

pavelbe4solutions

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade vue from 3.4.15 to 3.4.29.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 14 versions ahead of your current version.

  • The recommended version was released 23 days ago.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

See this package in yarn:
vue

See this project in Snyk:
https://app.snyk.io/org/idanbe4/project/2370121c-4e90-456b-9196-349a11288baf?utm_source=github&utm_medium=referral&page=upgrade-pr

dryrunsecurity bot commented Jul 7, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

| DryRun Security | Status | Findings |
| --- | --- | --- |
| Server-Side Request Forgery Analyzer | | 0 findings |
| Configured Codepaths Analyzer | | 0 findings |
| Secrets Analyzer | | 0 findings |
| Sensitive Files Analyzer | | 1 finding |
| IDOR Analyzer | | 0 findings |
| SQL Injection Analyzer | | 0 findings |
| Authn/Authz Analyzer | | 0 findings |

Note

🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes in this pull request are primarily focused on updating the dependencies of the frpc-dashboard project. The key changes include updating the versions of the vue, @babel/parser, @vue/compiler-*, @vue/reactivity, @vue/runtime-*, magic-string, and postcss libraries.

From an application security perspective, the updates to the @babel/parser and postcss dependencies are worth noting, as these libraries are responsible for parsing JavaScript code and processing CSS, respectively. Any security vulnerabilities in these libraries could potentially lead to code execution or CSS injection issues. It's recommended to review the release notes and security advisories for the updated dependencies to ensure that there are no known security issues.

Overall, these changes appear to be routine dependency updates, which is generally a positive step from a security standpoint, as it helps mitigate the risk of known vulnerabilities in the dependencies. However, it's important to thoroughly test the application after the updates to ensure that there are no unintended consequences or new issues introduced.

Files Changed:

  1. web/frpc/package.json: The version of the vue dependency has been updated from ^3.4.15 to ^3.4.29.
  2. web/frpc/yarn.lock: Several dependencies have been updated, including @babel/parser, @vue/compiler-*, @vue/reactivity, @vue/runtime-*, magic-string, and postcss.

Powered by DryRun Security

kodem-security bot commented Jul 7, 2024

Kodem Security Scan ✅

All good, no new security risks were found for this PR


No CVEs were fixed in this PR

PRs go stale after 21d of inactivity. Stale PRs rot after an additional 7d of inactivity and eventually close.
