Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resolve all npm vulnerabilities #16440

Merged
merged 2 commits into from
Jun 15, 2021
Merged

Conversation

bbovenzi
Copy link
Contributor

@bbovenzi bbovenzi commented Jun 14, 2021

Bump a lot of npm modules in package.json to resolve all severe and moderate vulnerabilities found when using yarn audit

Closes #10429 Our version of Flask App Builder no longer has the issue that used to exist when updating jquery


^ Add meaningful description above

Read the Pull Request Guidelines for more information.
In case of fundamental code change, Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in UPDATING.md.

Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`
@boring-cyborg boring-cyborg bot added area:UI Related to UI/UX. For Frontend Developers. area:webserver Webserver related Issues labels Jun 14, 2021
@bbovenzi bbovenzi requested a review from kaxil June 14, 2021 22:07
@github-actions
Copy link

The PR is likely OK to be merged with just subset of tests for default Python and Database versions without running the full matrix of tests, because it does not modify the core of Airflow. If the committers decide that the full tests matrix is needed, they will add the label 'full tests needed'. Then you should rebase to the latest main or amend the last commit of the PR, and push it with --force-with-lease.

@github-actions github-actions bot added the okay to merge It's ok to merge this PR as it does not require more tests label Jun 14, 2021
@kaxil
Copy link
Member

kaxil commented Jun 14, 2021

Needs a more descriptive PR title though

@bbovenzi bbovenzi changed the title yarn audit Remove npm vulnerabilities Jun 14, 2021
@bbovenzi bbovenzi changed the title Remove npm vulnerabilities Resolve all npm vulnerabilities Jun 14, 2021
@ryanahamilton ryanahamilton merged commit f18e4ba into apache:main Jun 15, 2021
@ryanahamilton ryanahamilton deleted the yarn-auditing branch June 15, 2021 01:52
@kaxil kaxil modified the milestones: Airflow 2.2, Airflow 2.1.2 Jun 28, 2021
@ashb ashb modified the milestones: Airflow 2.1.2, Airflow 2.1.3 Jul 7, 2021
ashb pushed a commit that referenced this pull request Jul 7, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
jhtimmins pushed a commit to astronomer/airflow that referenced this pull request Jul 9, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
jhtimmins pushed a commit that referenced this pull request Jul 9, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
kaxil pushed a commit to astronomer/airflow that referenced this pull request Jul 13, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
(cherry picked from commit 9b0b0c6)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area:UI Related to UI/UX. For Frontend Developers. area:webserver Webserver related Issues okay to merge It's ok to merge this PR as it does not require more tests
Projects
None yet
Development

Successfully merging this pull request may close these issues.

jquery dependency needs to be updated to 3.5.0 or newer
4 participants