Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[10.4.1] [Security] Bump minimist from 1.2.2 to 1.2.3 in /build #37212

Merged
merged 1 commit into from
Apr 4, 2020
Merged

[10.4.1] [Security] Bump minimist from 1.2.2 to 1.2.3 in /build #37212

merged 1 commit into from
Apr 4, 2020

Conversation

phil-davis
Copy link
Contributor

@phil-davis phil-davis commented Apr 4, 2020
edited
Loading

Description

This is a port of #37211 to the release-10.4.1 branch.

The original core master PR that the bot created to bump this was #37138
There was difficulty getting drone to run on that branch/PR. So the change in master actually happened in PR #37154
Then core master PR #37157 got merged and accidentally moved the version of minimist back from 1.2.3 to 1.2.2.
Then last night the bot has noticed that and raised PR #37211 to core master to again bump minimist from 1.2.2 to 1.2.3

There is already a changelog for this that is in both master and release-10.4.1 branches. So IMO this is just a "repair" PR to put things back the way they should be. No need for another changelog entry.

Bumps minimist from 1.2.2 to 1.2.3. This update includes a security fix.

Signed-off-by: dependabot-preview[bot] support@dependabot.com

How Has This Been Tested?

CI

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@dependabot-preview @phil-davis
[Security] Bump minimist from 1.2.2 to 1.2.3 in /build
091f406 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.2 to 1.2.3. **This update includes a security fix.**
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.2...1.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@phil-davis phil-davis self-assigned this Apr 4, 2020
@owncloud owncloud deleted a comment from update-docs bot Apr 4, 2020
@codecov
Copy link

codecov bot commented Apr 4, 2020
edited
Loading

Codecov Report

Merging #37212 into release-10.4.1 will not change coverage by %.
The diff coverage is n/a.

Impacted file tree graph

@@                Coverage Diff                @@
##             release-10.4.1   #37212   +/-   ##
=================================================
  Coverage             64.87%   64.87%           
  Complexity            19143    19143           
=================================================
  Files                  1268     1268           
  Lines                 74940    74940           
  Branches               1331     1331           
=================================================
  Hits                  48619    48619           
  Misses                25929    25929           
  Partials                392      392
Flag Coverage Δ Complexity Δ
#javascript 54.14% <ø> (ø) 0.00 <ø> (ø)
#phpunit 66.07% <ø> (ø) 19143.00 <ø> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d38c827...091f406. Read the comment docs.

@phil-davis phil-davis mentioned this pull request Apr 4, 2020
Merged
@individual-it individual-it merged commit 15370a2 into release-10.4.1 Apr 4, 2020
@delete-merged-branch delete-merged-branch bot deleted the minimist-1.2.3-for-core-10.4.1 branch April 4, 2020 12:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@individual-it individual-it individual-it approved these changes

@DeepDiver1975 DeepDiver1975 Awaiting requested review from DeepDiver1975

@micbar micbar Awaiting requested review from micbar

Assignees

@phil-davis phil-davis

Labels
3 - To Review dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@phil-davis @individual-it