Skip to content
This repository has been archived by the owner on Mar 25, 2021. It is now read-only.

Bump mkdirp dependency to 0.5.3 #4918

Merged
merged 2 commits into from
Mar 18, 2020

Conversation

Eyas
Copy link
Contributor

@Eyas Eyas commented Mar 18, 2020

PR checklist

  • Addresses an existing issue: fixes Fix CVE-2020-7598 #4917
  • New feature, bugfix, or enhancement
    • Includes tests
  • Documentation update

Overview of change:

This includes a patched version of minimist.

Is there anything you'd like reviewers to focus on?

In the future, consider bumping mkdirp to 1.x, though this would require
a major version bump as only node > 10 would be supported.

CHANGELOG.md entry:

This incldues a patched version of minimist.

In the future, consider bumping mkdirp to 1.x, though this would require
a major version bump as only node > 10 would be supported.
@palantirtech
Copy link
Member

Thanks for your interest in palantir/tslint, @Eyas! Before we can accept your pull request, you need to sign our contributor license agreement - just visit https://cla.palantir.com/ and follow the instructions. Once you sign, I'll automatically update this pull request.

Copy link
Contributor

@JoshuaKGoldberg JoshuaKGoldberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works for me, pending fixing the clean-lockfile complaints! 🚀

@Eyas
Copy link
Contributor Author

Eyas commented Mar 18, 2020

Done!

@JoshuaKGoldberg
Copy link
Contributor

Swell, thanks @Eyas! 🎉

@JoshuaKGoldberg JoshuaKGoldberg merged commit ead6583 into palantir:master Mar 18, 2020
@jvalls-axa
Copy link

Will be released in 6.1.1 soon ?

Thanks

@adidahiya
Copy link
Contributor

just released 6.1.1

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Fix CVE-2020-7598
5 participants