Skip to content

Commit 36f0b8c

Browse files
[KYUUBI #7533][WEBUI] Upgrade web-ui build toolchain and fix dependency security advisories
### Why are the changes needed? The web-ui toolchain is years behind and partly EOL (vite 4.5, vitest 0.32, vue-tsc 0.38, TS 4.6), with open dependency advisories. This consolidates Dependabot's 11 web-ui PRs and modernizes the toolchain in one change. - Toolchain: vite 4→8, vitest/coverage-v8 0.32→4, plugin-vue 4→6, vue-tsc 0.38→3.3, TS 4.6→5.9, jsdom 20→26, sass→1.101, types/node→22. - Security: vue-i18n 9.2→9.14.5, element-plus 2.2→2.14, lodash/lodash-es→4.18.1 (pnpm overrides). `pnpm audit --prod`: 3 high / 7 moderate → 0. - CI `node.version` v20.17→v22.23.1 (required by vite 8; derived from the Maven property, no workflow edits). - Removed the unused `package-lock.json` (the module builds with pnpm). ESLint 8→9 (flat-config) is deferred to a follow-up. Closes #7533 ### How was this patch tested? `pnpm install --frozen-lockfile`, `build`, `coverage` (80 tests), and `lint` pass on Node 22 / pnpm 9.11; `pnpm audit --prod` = 0. Manually verified all routes and interactive features (i18n switch, Monaco, run SQL → result grid, tabs, data-agent, sign-in) against a running Kyuubi instance — no console errors. ### Was this patch authored or co-authored using generative AI tooling? Assisted-by: Claude Opus 4.8 Closes #7534 from wangzhigang1999/kyuubi-7533-web-ui-toolchain-upgrade. Closes #7533 7bcba67 [wangzhigang] [KYUUBI #7533][WEBUI] Upgrade web-ui build toolchain and fix dependency security advisories Authored-by: wangzhigang <iamzhigangwang@gmail.com> Signed-off-by: wangzhigang <iamzhigangwang@gmail.com>
1 parent 96da471 commit 36f0b8c

6 files changed

Lines changed: 1649 additions & 9597 deletions

File tree

0 commit comments

Comments
 (0)