-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Addresses CVE-2024-4068 and updates yarn.lock #2039
Addresses CVE-2024-4068 and updates yarn.lock #2039
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is right. We are not using debug, it is a transitive dependency, so it shouldn't be added here. We already have a resolution for it.
Signed-off-by: Darshit Chanpura <[email protected]>
8955148
to
aa22543
Compare
Signed-off-by: Darshit Chanpura <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2039 +/- ##
=======================================
Coverage 70.61% 70.61%
=======================================
Files 97 97
Lines 2600 2600
Branches 380 387 +7
=======================================
Hits 1836 1836
Misses 668 668
Partials 96 96 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Darshit Chanpura <[email protected]>
@DarshitChanpura can we update the title/description of this PR that we are addressing the braces CVE? |
@derek-ho Anything blocking this PR from getting merged? |
Nope it looks good to me now |
* Updates yarn.lock Signed-off-by: Darshit Chanpura <[email protected]> * Forces braces to 3.0.3 Signed-off-by: Darshit Chanpura <[email protected]> * Runs yarn Signed-off-by: Darshit Chanpura <[email protected]> --------- Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 0592b68)
* Updates yarn.lock Signed-off-by: Darshit Chanpura <[email protected]> * Forces braces to 3.0.3 Signed-off-by: Darshit Chanpura <[email protected]> * Runs yarn Signed-off-by: Darshit Chanpura <[email protected]> --------- Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 0592b68) Co-authored-by: Darshit Chanpura <[email protected]>
Description
Updates yarn.lock
Addresses CVE-2024-4068
Category
Maintenance
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.