Nx
Enterprise
Nx
Overview
Sign in / Sign up
Open main menu
Nx
GitHub
Select a tab
Overview
Runs
Analytics
Nx
GitHub
Overview
Runs
Analytics
Loading workspace stats
Loading workspace insights...
Statistics interval
7 days
30 days
Latest CI Pipeline Executions
Filter range
Sort by
Sort by
Start time
Sort ascending
Sort descending
Filter
Filter exact branch match
Exact
Select status
Failed
32712
733d3222 fix(core): upgrade axios to 1.12.0 to address CVE-2025-58754
3 days ago
by terrymun
Failed
32712
67ab37e5 fix(core): upgrade axios to 1.12.0 to address CVE-2025-58754
3 days ago
by terrymun
Failed
32712
b331afb1 chore: upgrade axios to 1.12.0 to address CVE-2025-58754
4 days ago
by terrymun
Succeeded
master
4941173d fix(module-federation): upgrade module federation to 0.18.0 (#32260) <!-- Please make sure you have read the submission guidelines before posting an PR --> <!-- https://github.com/nrwl/nx/blob/master/CONTRIBUTING.md#-submitting-a-pr --> <!-- Please make sure that your commit message follows our format --> <!-- Example: `fix(nx): must begin with lowercase` --> <!-- If this is a particularly complex change or feature addition, you can request a dedicated Nx release for this pull request branch. Mention someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they will confirm if the PR warrants its own release for testing purposes, and generate it for you if appropriate. --> This PR upgrades both `@module-federation/enhanced` and `@module-federation/sdk` to [0.18.0](https://github.com/module-federation/core/releases/tag/v0.18.0), which uses the transitive dependency koa@3 that contains a patch for the reported vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2025-8129 ## Current Behavior The `@module-federation/enhanced` and `@module-federation/sdk` dependencies are on version 0.17.0, which contains a reported vulnerability related to the use of koa@2. This causes any consumers of the latest nx version to receive a security vulnerability warning due to the transitive dependency koa@2 being installed, e.g. via GitHub security overview: <img width="938" height="375" alt="Screenshot 2025-08-07 at 23 26 26" src="https://github.com/user-attachments/assets/d4653940-3a23-45c6-881f-639e4732fdce" /> ## Expected Behavior Having nx installed should not raise a security vulnerability warning. ## Related Issue(s) <!-- Please link the issue being fixed so it gets closed when this is merged. --> _n.a._ --------- Co-authored-by: Colum Ferry <cferry09@gmail.com>
1 month ago
by terrymun
Previous page
Previous
Next
Next page
