Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates to [email protected] - eliminates vulnerabilities #1977

Merged
merged 9 commits into from
Nov 24, 2022
Merged

Updates to [email protected] - eliminates vulnerabilities #1977

merged 9 commits into from
Nov 24, 2022

Conversation

ajanec01
Copy link
Collaborator

Running npm install returns a high severity issue for the remark-parse dependancy that relies on trim. This PR updates the package.json and package-lock.json to [email protected] which eliminates the issue.

Currently it is not possible to update remark-parse to 10.0.1 as it's an ECMASript module and a bit more work would be required to run the tests.

Need for Call for Review:
This will not require a Call for Review

How to Review And Approve

  • Go to the “Files changed” tab
  • Here you will have the option to leave comments on different lines.
  • Once the review is completed, find the “Review changes” button in the top right, select “Approve” (if you are really confident in the rule) or "Request changes" and click “Submit review”.
  • Make sure to also review the proposed Call for Review period. In case of disagreement, the longer period wins.

@ajanec01 ajanec01 self-assigned this Nov 22, 2022
@ajanec01 ajanec01 added reviewers wanted security Pull requests that address a security vulnerability labels Nov 23, 2022
@Jym77 Jym77 merged commit e380f04 into develop Nov 24, 2022
@Jym77 Jym77 deleted the update-remark-parse branch November 24, 2022 14:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HelenBurge HelenBurge HelenBurge approved these changes

@colabottles colabottles colabottles approved these changes

@Jym77 Jym77 Jym77 approved these changes

@carlosapaduarte carlosapaduarte Awaiting requested review from carlosapaduarte

@daniel-montalvo daniel-montalvo Awaiting requested review from daniel-montalvo

@giacomo-petri giacomo-petri Awaiting requested review from giacomo-petri

@tombrunet tombrunet Awaiting requested review from tombrunet

@wcreedle wcreedle Awaiting requested review from wcreedle

@WilcoFiers WilcoFiers Awaiting requested review from WilcoFiers

Assignees

@ajanec01 ajanec01

Labels
reviewers wanted security Pull requests that address a security vulnerability
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ajanec01 @Jym77 @colabottles @HelenBurge