Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: security: downgrade node-forge to 0.9.0 #4133

Merged
merged 3 commits into from
Sep 15, 2020
Merged

fix: security: downgrade node-forge to 0.9.0 #4133

merged 3 commits into from
Sep 15, 2020

Conversation

boydc2014
Copy link
Contributor

@boydc2014 boydc2014 commented Sep 15, 2020
edited
Loading

#minor

@coveralls
Copy link

coveralls commented Sep 15, 2020
edited
Loading

Coverage Status

Coverage remained the same at 55.5% when pulling 177d79e on donglei/fix-security into 98efa7f on main.

@boydc2014
Copy link
Contributor Author

@beyackle can you help check why this src/locales/en-us.json is changed after just yarn install and build?

@boydc2014
Copy link
Contributor Author

@beyackle can you help check why this src/locales/en-us.json is changed after just yarn install and build?

It turns out that the changes to src/locales/en-us.json is not caused by this package update, so i revert the change and created another ticket for it #4134

@a-b-r-o-w-n a-b-r-o-w-n merged commit 40ced1f into main Sep 15, 2020
@a-b-r-o-w-n a-b-r-o-w-n deleted the donglei/fix-security branch September 15, 2020 15:09
@a-b-r-o-w-n
Copy link
Contributor

@boydc2014 Thanks! I was looking at this yesterday and was confused. I didn't realize we needed a downgrade! It's nice to have all of CI passing again. 🐼

alanlong9278 added a commit to alanlong9278/BotFramework-Composer that referenced this pull request Sep 16, 2020
@alanlong9278
Merge branch 'main' into julong/publish-code-clean
3a51407 
* main:
  fix: add more missing formatMessage calls (microsoft#4144)
  feat: electron splash screen (microsoft#4119)
  feat: Add QnA files to dispatch model in skill manifest (microsoft#3985)
  fix: check whether operation is under current project folder (microsoft#4078)
  update localization and add missing "example" string (microsoft#4138)
  fix: defense invocation of `value.match()` (microsoft#4110)
  fix: checkReturnType in ExpressionValidation throws unexpected error (microsoft#4112)
  chore(deps): Bump tree-kill from 1.2.1 to 1.2.2 in /Composer (microsoft#4035)
  build: fix docker builds in ACR (microsoft#3986)
  fix: security: downgrade node-forge to 0.9.0 (microsoft#4133)
  chore: update archiver to fix security warning (microsoft#4116)
@cwhitten cwhitten mentioned this pull request Nov 13, 2020
Merged
lei9444 pushed a commit to lei9444/BotFramework-Composer-1 that referenced this pull request Jun 15, 2021
@boydc2014
fix: security: downgrade node-forge to 0.9.0 (microsoft#4133)
185c0ca 
* Downgrade node-forge to 0.9.0

* revert en-us.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@a-b-r-o-w-n a-b-r-o-w-n a-b-r-o-w-n approved these changes

@beyackle beyackle Awaiting requested review from beyackle

@cwhitten cwhitten Awaiting requested review from cwhitten

@GeoffCoxMSFT GeoffCoxMSFT Awaiting requested review from GeoffCoxMSFT

@hatpick hatpick Awaiting requested review from hatpick

@srinaath srinaath Awaiting requested review from srinaath

@tonyanziano tonyanziano Awaiting requested review from tonyanziano

Assignees
No one assigned
Labels
Needs review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@boydc2014 @coveralls @a-b-r-o-w-n