Commit 36f0b8c
committed
[KYUUBI #7533][WEBUI] Upgrade web-ui build toolchain and fix dependency security advisories
### Why are the changes needed?
The web-ui toolchain is years behind and partly EOL (vite 4.5, vitest 0.32, vue-tsc 0.38, TS 4.6), with open dependency advisories. This consolidates Dependabot's 11 web-ui PRs and modernizes the toolchain in one change.
- Toolchain: vite 4→8, vitest/coverage-v8 0.32→4, plugin-vue 4→6, vue-tsc 0.38→3.3, TS 4.6→5.9, jsdom 20→26, sass→1.101, types/node→22.
- Security: vue-i18n 9.2→9.14.5, element-plus 2.2→2.14, lodash/lodash-es→4.18.1 (pnpm overrides). `pnpm audit --prod`: 3 high / 7 moderate → 0.
- CI `node.version` v20.17→v22.23.1 (required by vite 8; derived from the Maven property, no workflow edits).
- Removed the unused `package-lock.json` (the module builds with pnpm).
ESLint 8→9 (flat-config) is deferred to a follow-up.
Closes #7533
### How was this patch tested?
`pnpm install --frozen-lockfile`, `build`, `coverage` (80 tests), and `lint` pass on Node 22 / pnpm 9.11; `pnpm audit --prod` = 0. Manually verified all routes and interactive features (i18n switch, Monaco, run SQL → result grid, tabs, data-agent, sign-in) against a running Kyuubi instance — no console errors.
### Was this patch authored or co-authored using generative AI tooling?
Assisted-by: Claude Opus 4.8
Closes #7534 from wangzhigang1999/kyuubi-7533-web-ui-toolchain-upgrade.
Closes #7533
7bcba67 [wangzhigang] [KYUUBI #7533][WEBUI] Upgrade web-ui build toolchain and fix dependency security advisories
Authored-by: wangzhigang <iamzhigangwang@gmail.com>
Signed-off-by: wangzhigang <iamzhigangwang@gmail.com>1 parent 96da471 commit 36f0b8c
6 files changed
Lines changed: 1649 additions & 9597 deletions
File tree
- kyuubi-server/web-ui
- src/views
- editor
- overview
0 commit comments