Update Branch with Main and Audit Vulnerabilities#1061
Conversation
- Merged main branch (v3.154.7) and resolved extensive conflicts. - Performed security audit and applied `npm audit fix`. - Updated VULNERABILITIES.md with mitigation details for remaining dev-dependency issues. - Refactored LineChart.vue to support tree-shaking for Chart.js. - Fixed reactivity bugs in TextInput.vue and TextArea.vue using computed proxies in defineExpose. - Improved date selector logic to prevent incorrect highlighting and added regression tests. - Synchronized BaseInput, Select, and ColorPicker with new 'ghost' prop and documentation. - Updated project version to 3.154.8. Co-authored-by: lucasn4s <17988272+lucasn4s@users.noreply.github.com>
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with New to Jules? Learn more at jules.google/docs. For security, I will only act on instructions from the user who triggered this task. |
Greptile SummaryEste PR sincroniza o branch com a versão main (v3.154.8) e resolve questões de segurança, reatividade e bugs em componentes do design system. Principais mudanças:
Observações:
Confidence Score: 4/5
|
| Filename | Overview |
|---|---|
| src/components/TextInput.vue | Refatorou para garantir reatividade em propriedades expostas usando computed, corrigindo problema onde componentRef perdia reatividade |
| src/components/TextArea.vue | Corrigiu reatividade das propriedades expostas via defineExpose usando computed properties |
| src/components/BaseInput.vue | Removeu modificador .trim do v-model e adicionou prop ghost com estilos; sincronização manual de valor no blur pode ter implicações |
| src/components/InternalComponents/MonthSelectorGrid.vue | Corrigiu lógica de destaque e desabilitação de meses considerando o ano, e retorna null quando nenhuma data está selecionada |
| src/components/InternalComponents/YearSelectorGrid.vue | Adicionou props minDate/maxDate e corrigiu lógica de destaque para retornar null quando nenhuma data está selecionada |
| src/components/Select.vue | Adicionou prop ghost e passou para o BaseInput para consistência do design system |
| src/components/ColorPicker.vue | Adicionou props state/errorMessage e fecha automaticamente o popover ao selecionar cor |
| VULNERABILITIES.md | Atualizado com nota sobre vulnerabilidades remanescentes em dev-dependencies, documentando que são mitigadas no contexto de uso |
Flowchart
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[PR: Merge Main + Audit] --> B[Auditoria de Segurança]
A --> C[Correções de Reatividade]
A --> D[Correções de Seletores de Data]
A --> E[Extensões do Design System]
B --> B1[npm audit fix]
B --> B2[Atualizar VULNERABILITIES.md]
C --> C1[TextInput.vue]
C --> C2[TextArea.vue]
C1 --> C3[defineExpose com computed]
C2 --> C3
D --> D1[MonthSelectorGrid]
D --> D2[YearSelectorGrid]
D1 --> D3[Correção de highlight quando selectedDate = null]
D2 --> D3
D1 --> D4[Lógica de desabilitação considerando ano]
D2 --> D5[Props minDate/maxDate]
E --> E1[BaseInput: prop ghost + remover .trim]
E --> E2[Select: prop ghost]
E --> E3[ColorPicker: state + errorMessage]
A --> F[Testes]
F --> F1[Novos testes para SelectorGrid]
F --> F2[Atualização de snapshots]
Last reviewed commit: 95af266
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
|
|
||
| function handleBlur(event) { | ||
| isFocused.value = false; | ||
|
|
||
| if (htmlInputRef.value && htmlInputRef.value.value !== undefined) { | ||
| internalValue.value = htmlInputRef.value.value; |
There was a problem hiding this comment.
O modificador .trim foi removido do v-model, mas o valor não está sendo "trimado" em handleBlur. Verifique se a remoção do comportamento de trim é intencional ou se deveria ser internalValue.value = htmlInputRef.value.value.trim();
| [`month-selector__month--${props.variant}`]: true, | ||
| 'month-selector__month--disabled': isMothDisabled(index), | ||
| 'month-selector__month--disabled': isMonthDisabled(index), | ||
| [`month-selector__month--selected--${props.variant}`]: (index + 1) == currentMonth.value, |
There was a problem hiding this comment.
Use === em vez de == para comparação estrita
| [`month-selector__month--selected--${props.variant}`]: (index + 1) == currentMonth.value, | |
| [`month-selector__month--selected--${props.variant}`]: (index + 1) === currentMonth.value, |
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
| 'year-selector__year--disabled':( year < minYear) || (year > maxYear), | ||
| [`year-selector__year--selected--${props.variant}`]: year == currentYear.value, | ||
| 'year-selector__year--disabled':( year < minYear.value) || (year > maxYear.value), | ||
| [`year-selector__year--selected--${props.variant}`]: year == selectedYear.value, |
There was a problem hiding this comment.
Use === em vez de == para comparação estrita
| [`year-selector__year--selected--${props.variant}`]: year == selectedYear.value, | |
| [`year-selector__year--selected--${props.variant}`]: year === selectedYear.value, |
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
1 participant
This PR updates the branch with the latest changes from the main branch and addresses security vulnerabilities.
Key Changes:
main(v3.154.7), resolving conflicts in core components, documentation, and configuration files.npm audit fixand updatedVULNERABILITIES.md. Remaining vulnerabilities in dev-dependencies (Vite, esbuild) are documented as mitigated since they require breaking upgrades.TextInput.vueandTextArea.vueto ensure that properties exposed viadefineExposeremain reactive.LineChart.vue.MonthSelectorGridandYearSelectorGridwhen no date is selected or when dates fall outside constraints.ghostprop toBaseInput,Select, andColorPickerfor design system alignment, including documentation updates.Verified with full test suite and automated visual screenshots of the documentation pages.
PR created automatically by Jules for task 4528326103798356725 started by @lucasn4s