Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: update 'yargs' dependency and typings #8711

Merged
merged 1 commit into from
Nov 10, 2020
Merged

deps: update 'yargs' dependency and typings #8711

merged 1 commit into from
Nov 10, 2020

Conversation

vince-fugnitto
Copy link
Member

What it does

Fixes: #7444
Closes: #7476

The following pull-request updates the yargs dependency (including typings) to benefit from the security vulnerability fix.

  • updates yargs dependencies across the framework.
  • updates yargs typings and usage.
  • verified that the new version satisfies the licence compatibility as per the instructions.

How to test

  • verify that the build & tests successfully pass.

Review checklist

Reminder for reviewers

Signed-off-by: vince-fugnitto [email protected]
Co-authored-by: Chaitanya Munukutla [email protected]

@vince-fugnitto vince-fugnitto added quality issues related to code and application quality security issues related to security dependencies pull requests that update a dependency file labels Nov 4, 2020
@vince-fugnitto vince-fugnitto self-assigned this Nov 4, 2020
@vince-fugnitto @c16a
deps: update 'yargs'
f7103a6 
The following commit updates the `yargs` dependency and typings
to make use of the security vulnerability fix.

Signed-off-by: vince-fugnitto <[email protected]>
Co-authored-by: Chaitanya Munukutla <[email protected]>
@vince-fugnitto
Copy link
Member Author

Rebasing due to conflict.

@vince-fugnitto vince-fugnitto merged commit 1e519df into master Nov 10, 2020
@vince-fugnitto vince-fugnitto deleted the vf/yargs-bump branch November 10, 2020 22:09
@github-actions github-actions bot added this to the 1.8.0 milestone Nov 10, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paul-marechal paul-marechal paul-marechal approved these changes

Assignees

@vince-fugnitto vince-fugnitto

Labels
dependencies pull requests that update a dependency file quality issues related to code and application quality security issues related to security
Projects
None yet
Milestone
1.8.0
Development

Successfully merging this pull request may close these issues.

Update yargs version - as current version is insecure
2 participants
@vince-fugnitto @paul-marechal