Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependency_validator #325

Merged
merged 5 commits into from
Nov 1, 2021
Merged

Upgrade dependency_validator #325

merged 5 commits into from
Nov 1, 2021

Conversation

sourcegraph-wk
Copy link

Summary

Client Platform is updating dependencies! Read more details at
https://wiki.atl.workiva.net/display/CP/Dependency+Upgrades

This batch is to find and open PRs to upgrade dependency_validator to v2.

Additional manual work that might be needed (CP will do):
[ ] Run dependency_validator to repos that aren't running it,
but do have the dependency.
[ ] Fix CI due to removing an ignore that was actually needed.

For more info, reach out to #support-client-plat on Slack.

Created by Sourcegraph batch change Workiva/update_dep_validator.

@aviary3-wk
Copy link

Security Insights

(7) Vulnerable direct dependencies were detected
  • 1 vulns in browserslist < 4.16.5 via yarn.lock
  • 1 vulns in elliptic < 6.5.4 via yarn.lock
  • 1 vulns in glob-parent < 5.1.2 via yarn.lock
  • 1 vulns in lodash < 4.17.21 via yarn.lock
  • 1 vulns in path-parse < 1.0.7 via yarn.lock
  • 1 vulns in set-value < 4.0.1 via yarn.lock
  • 1 vulns in ssri < 6.0.2 via yarn.lock

    • Action Items

    Questions or Comments? Reach out on Slack: #support-infosec.

    aaronlademann-wf
    aaronlademann-wf approved these changes Nov 1, 2021
    View reviewed changes
    Copy link
    Collaborator

    @aaronlademann-wf aaronlademann-wf left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    +1

    @Workiva/release-management-pp

    rmconsole-wf
    rmconsole-wf approved these changes Nov 1, 2021
    View reviewed changes
    Copy link

    @rmconsole-wf rmconsole-wf left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    +1 from RM

    @rmconsole4-wk rmconsole4-wk merged commit ca98758 into master Nov 1, 2021
    @rmconsole4-wk rmconsole4-wk deleted the batch/cplat/update_dep_validator branch November 1, 2021 17:31
    This was referenced Nov 1, 2021
    Merged
    Closed
    Merged
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @aaronlademann-wf aaronlademann-wf aaronlademann-wf approved these changes

    @rmconsole-wf rmconsole-wf rmconsole-wf approved these changes

    Assignees
    No one assigned
    Labels
    Merge Requirements Met RM Ready
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    6 participants
    @sourcegraph-wk @aviary3-wk @aaronlademann-wf @rmconsole-wf @rmconsole4-wk @robbecker-wf