-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve the vulnerabilities identified by "dependabot" #3966
Comments
@mlehotskylf a couple of resolutions had dependencies that halted the update . However 80 % of the packages were updated |
@nickmango please review if there are any more checks failing. Thanks! |
@nickmango Looks like 3 checks are failing |
When we update the library, find where it is used and make sure is is not breaking any functionality. |
@umeshlumbhani247 any update on this ticket? Thank you! |
Hi @mlehotskylf I didn't start work on this ticket, as i am occupied with tasks on Organization dashboard and Individual dashboard. Can i pick this later if the task is not in priority ? |
Ok, you can pick this up once done with Org dashboard. |
@umeshlumbhani247 any update on this? Thanks! |
Lets fix this after the release on early next week. |
@nickmango is working on this. |
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Upgraded axios package Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
@nickmango is running into dependency issues. |
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
- Auto resolved package dependencies for boto3 Signed-off-by: Harold Wanyama <hwanyama@contractor.linuxfoundation.org>
I was able to resolve the depenpendabot vulnerabilities. @thakurveerendras kindly verify |
@thakurveerendras will do one more round of sanity check. |
Done a sanity check on dev & prod and found that it is working fine as expected. So closing this ticket |
Resolve the vulnerabilities identified by dependabot: https://github.com/communitybridge/easycla/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc.
Resolve it also for Contributor Console repo: https://github.com/communitybridge/easycla-contributor-console
Most of these can be resolved with a version update.
The text was updated successfully, but these errors were encountered: