Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Remove remaining vulnerabilities by updating the hosted-git-info, tar, semver, ejs, elliptic packages #4714

Merged
merged 3 commits into from
Jul 9, 2024

Conversation

sw-joelmut
Copy link
Collaborator

Addresses #4684
#minor

Description

This updates remaining medium and low vulnerable packages to latest possible versions:

Specific Changes

  • Updated hosted-git-info, semver , and elliptic versions by changing the yarn resolution reference inside yarn.lock file.
  • Removed tar resolutions as it's no longer needed.
  • Added ejs resolutions due to Nightwatch vulnerable pinned version.

Testing

Test image isn't needed, package version changes are small.

@sw-joelmut sw-joelmut requested a review from tracyboehrer July 9, 2024 16:53
@sw-joelmut sw-joelmut requested a review from a team as a code owner July 9, 2024 16:53
@coveralls
Copy link

coveralls commented Jul 9, 2024

Pull Request Test Coverage Report for Build 9861270438

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 84.433%

Totals Coverage Status
Change from base Build 9861219534: 0.0%
Covered Lines: 20429
Relevant Lines: 22904

💛 - Coveralls

@tracyboehrer tracyboehrer merged commit 8d7b8d9 into main Jul 9, 2024
12 checks passed
@tracyboehrer tracyboehrer deleted the southworks/update/medium-low-vulnerable-packages branch July 9, 2024 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants