Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade moment javascript package #186

Merged
merged 1 commit into from
Nov 29, 2022

Conversation

echarles
Copy link
Member

Fixes #183

@echarles echarles changed the title Upgrade moment javasript package Upgrade moment javascript package Nov 27, 2022
@RRosio
Copy link
Collaborator

RRosio commented Nov 29, 2022

Thank you @echarles!

@RRosio RRosio merged commit de08042 into jupyter:main Nov 29, 2022
@echarles
Copy link
Member Author

Thx @RRosio

@kevin-bates
Copy link
Member

Hello - thank you for maintaining this repo @echarles and @RRosio.

Would it be possible to get a patch release containing this commit? The CVE is impacting some users and their ability to comfortably use nbclassic.

@echarles
Copy link
Member Author

@kevin-bates We were planning to cut a release end 2022, but this has been postponed due CI failure. @ericsnekbytes is working ATM to fix those failures. Once this will be done, we can cut the release.

@kevin-bates
Copy link
Member

Awesome Eric - thank you!

@frenzymadness
Copy link
Contributor

+1 for a new release, thank you!

@echarles
Copy link
Member Author

nbclassic 0.5.1 is released

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[CVE-2022-24785] A path traversal vulnerability in moment
4 participants