[Snyk] Upgrade vue from 3.2.33 to 3.5.13

[sumansaurabh]

User description

Snyk has created this PR to upgrade vue from 3.2.33 to 3.5.13.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 120 versions ahead of your current version.

• The recommended version was released 4 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Input Validation SNYK-JS-NANOID-8492085	315	No Known Exploit
	Improper Input Validation SNYK-JS-POSTCSS-5926692	315	No Known Exploit

Release notes

Package name: vue

• 3.5.13 - 2024-11-15
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.12 - 2024-10-11
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.11 - 2024-10-03
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.10 - 2024-09-27
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.9 - 2024-09-26
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.8 - 2024-09-22
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.7 - 2024-09-20
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.6 - 2024-09-16
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.5 - 2024-09-13
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.4 - 2024-09-10
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.3 - 2024-09-06
• 3.5.2 - 2024-09-05
• 3.5.1 - 2024-09-04
• 3.5.0 - 2024-09-03
• 3.5.0-rc.1 - 2024-08-29
• 3.5.0-beta.3 - 2024-08-20
• 3.5.0-beta.2 - 2024-08-15
• 3.5.0-beta.1 - 2024-08-08
• 3.5.0-alpha.5 - 2024-07-31
• 3.5.0-alpha.4 - 2024-07-24
• 3.5.0-alpha.3 - 2024-07-19
• 3.5.0-alpha.2 - 2024-05-04
• 3.5.0-alpha.1 - 2024-04-29
• 3.4.38 - 2024-08-15
• 3.4.37 - 2024-08-08
• 3.4.36 - 2024-08-06
• 3.4.35 - 2024-07-31
• 3.4.34 - 2024-07-24
• 3.4.33 - 2024-07-19
• 3.4.32 - 2024-07-17
• 3.4.31 - 2024-06-28
• 3.4.30 - 2024-06-22
• 3.4.29 - 2024-06-14
• 3.4.28 - 2024-06-14
• 3.4.27 - 2024-05-07
• 3.4.26 - 2024-04-29
• 3.4.25 - 2024-04-24
• 3.4.24 - 2024-04-22
• 3.4.23 - 2024-04-16
• 3.4.22 - 2024-04-15
• 3.4.21 - 2024-02-28
• 3.4.20 - 2024-02-26
• 3.4.19 - 2024-02-13
• 3.4.18 - 2024-02-09
• 3.4.17 - 2024-02-09
• 3.4.16 - 2024-02-08
• 3.4.15 - 2024-01-18
• 3.4.14 - 2024-01-15
• 3.4.13 - 2024-01-13
• 3.4.12 - 2024-01-13
• 3.4.11 - 2024-01-12
• 3.4.10 - 2024-01-11
• 3.4.9 - 2024-01-11
• 3.4.8 - 2024-01-10
• 3.4.7 - 2024-01-09
• 3.4.6 - 2024-01-08
• 3.4.5 - 2024-01-04
• 3.4.4 - 2024-01-03
• 3.4.3 - 2023-12-30
• 3.4.2 - 2023-12-30
• 3.4.1 - 2023-12-30
• 3.4.0 - 2023-12-29
• 3.4.0-rc.3 - 2023-12-27
• 3.4.0-rc.2 - 2023-12-26
• 3.4.0-rc.1 - 2023-12-25
• 3.4.0-beta.4 - 2023-12-19
• 3.4.0-beta.3 - 2023-12-16
• 3.4.0-beta.2 - 2023-12-14
• 3.4.0-beta.1 - 2023-12-13
• 3.4.0-alpha.4 - 2023-12-04
• 3.4.0-alpha.3 - 2023-11-28
• 3.4.0-alpha.2 - 2023-11-27
• 3.4.0-alpha.1 - 2023-10-28
• 3.3.13 - 2023-12-19
• 3.3.12 - 2023-12-16
• 3.3.11 - 2023-12-08
• 3.3.10 - 2023-12-04
• 3.3.9 - 2023-11-25
• 3.3.8 - 2023-11-06
• 3.3.7 - 2023-10-24
• 3.3.6 - 2023-10-20
• 3.3.5 - 2023-10-20
• 3.3.4 - 2023-05-18
• 3.3.3 - 2023-05-18
• 3.3.2 - 2023-05-12
• 3.3.1 - 2023-05-11
• 3.3.0 - 2023-05-11
• 3.3.0-beta.5 - 2023-05-08
• 3.3.0-beta.4 - 2023-05-05
• 3.3.0-beta.3 - 2023-05-01
• 3.3.0-beta.2 - 2023-04-25
• 3.3.0-beta.1 - 2023-04-21
• 3.3.0-alpha.13 - 2023-04-20
• 3.3.0-alpha.12 - 2023-04-18
• 3.3.0-alpha.11 - 2023-04-17
• 3.3.0-alpha.10 - 2023-04-17
• 3.3.0-alpha.9 - 2023-04-08
• 3.3.0-alpha.8 - 2023-04-04
• 3.3.0-alpha.7 - 2023-04-03
• 3.3.0-alpha.6 - 2023-03-30
• 3.3.0-alpha.5 - 2023-03-26
• 3.3.0-alpha.4 - 2023-02-06
• 3.3.0-alpha.3 - 2023-02-06
• 3.3.0-alpha.2 - 2023-02-05
• 3.3.0-alpha.1 - 2023-02-05
• 3.2.47 - 2023-02-02
• 3.2.46 - 2023-02-02
• 3.2.45 - 2022-11-11
• 3.2.44 - 2022-11-09
• 3.2.43 - 2022-11-09
• 3.2.42 - 2022-11-09
• 3.2.41 - 2022-10-14
• 3.2.40 - 2022-09-28
• 3.2.39 - 2022-09-08
• 3.2.38 - 2022-08-30
• 3.2.37 - 2022-06-06
• 3.2.36 - 2022-05-23
• 3.2.35 - 2022-05-20
• 3.2.34 - 2022-05-19
• 3.2.34-beta.1 - 2022-05-17
• 3.2.33 - 2022-04-14

from vue GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

---

Description

• Upgraded vue from version 3.2.33 to 3.5.13 to improve performance and security.
• Updated related dependencies to ensure compatibility with the new version of vue.
• This upgrade addresses multiple vulnerabilities and enhances the overall stability of the application.

---

Changes walkthrough 📝

Relevant files

Dependencies

package-lock.json Upgrade Vue and Related Dependencies                                          frameworks/hello-world-vue/webview-ui/package-lock.json Upgraded vue from version 3.2.33 to 3.5.13. Updated various dependencies related to vue to their latest versions. Added new dependencies and updated existing ones for compatibility. +293/-219 package.json Update Vue Dependency Version                                                        frameworks/hello-world-vue/webview-ui/package.json Changed vue dependency version from ^3.2.33 to ^3.5.13. +1/-1

---

💡 Penify usage:
Comment /help on the PR to get a list of all available Penify tools and their descriptions

[penify-dev]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	2, because the changes are primarily version upgrades with minimal code alterations, making it straightforward to review.
🧪 Relevant tests	No
⚡ Possible issues	No
🔒 Security concerns	No

[penify-dev]

PR Code Suggestions ✨

Category	Suggestion	Score
Compatibility	Check for compatibility with other dependencies after upgrading Consider checking the compatibility of other dependencies with the new version of vue to avoid potential issues. frameworks/hello-world-vue/webview-ui/package.json [13] -"vue": "^3.5.13" +"vue": "^3.5.13" // Ensure compatibility with other dependencies Suggestion importance[1-10]: 7 Why: While this suggestion is relevant, it does not directly address a specific code issue but rather offers a general best practice.	7
	Check for updates to @vscode/webview-ui-toolkit for compatibility Consider updating the version of @vscode/webview-ui-toolkit if it has any known compatibility issues with the new version of vue. frameworks/hello-world-vue/webview-ui/package.json [12] -"@vscode/webview-ui-toolkit": "^1.2.2" +"@vscode/webview-ui-toolkit": "^1.2.2" // Check for updates for compatibility Suggestion importance[1-10]: 6 Why: This suggestion is relevant but does not directly address the changes made in the PR; it suggests an action without specific evidence of compatibility issues.	6
Testing	Run tests to verify application functionality after the upgrade It may be beneficial to run tests after the upgrade to ensure that the application behaves as expected with the new version of vue. frameworks/hello-world-vue/webview-ui/package.json [13] -"vue": "^3.5.13" +"vue": "^3.5.13" // Run tests to verify functionality Suggestion importance[1-10]: 7 Why: This suggestion is useful for ensuring application stability, but it is more of a procedural recommendation rather than a code improvement.	7
Maintainability	Align the upgrade with the project's overall upgrade strategy Ensure that the upgrade aligns with the project's overall upgrade strategy to maintain consistency across dependencies. frameworks/hello-world-vue/webview-ui/package.json [13] -"vue": "^3.5.13" +"vue": "^3.5.13" // Align with project upgrade strategy Suggestion importance[1-10]: 5 Why: This suggestion is quite general and does not provide actionable advice related to the specific code changes made in the PR.	5