Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

fix: vulnerability fix #514

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Apr 13, 2021
Merged

fix: vulnerability fix #514

merged 5 commits into from
Apr 13, 2021

Conversation

Berkmann18
Copy link
Member

What:
Use more secure versions of dependencies.

Why:
To not have noise from dependency audits and potential issues from dependency vulnerabilities.

How:
Using npm audit --fix.

Checklist:

  • Documentation
  • Ready to be merged
  • Added myself to contributors table.
    Bot Usage

@Berkmann18 Berkmann18 requested a review from a team April 12, 2021 21:15
gr2m
gr2m approved these changes Apr 13, 2021
View reviewed changes
Copy link

@gr2m gr2m left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version change should make no difference for this package

gr2m
gr2m reviewed Apr 13, 2021
View reviewed changes
package.json Outdated Show resolved Hide resolved
@Berkmann18
Copy link
Member Author

Yeah, there were a bunch of vulnerabilities highlighted by GH (some of which are on https://github.com/all-contributors/all-contributors/security/dependabot) so I thought it would be wise to do this which should also publish translations and resolve 404's.

@Berkmann18 Berkmann18 merged commit 5ab78dd into master Apr 13, 2021
@Berkmann18 Berkmann18 deleted the vuln-fix branch April 13, 2021 17:00
Berkmann18 added a commit that referenced this pull request Apr 13, 2021
@Berkmann18
ci(config): update the node image in CirceCI
0957d66 
To takle the [failing build](https://github.com/all-contributors/all-contributors/runs/2336473172)
following the _successful_ merge of #514
@Berkmann18 Berkmann18 mentioned this pull request Apr 13, 2021
Merged
3 tasks
Berkmann18 added a commit that referenced this pull request Apr 13, 2021
@Berkmann18
ci(config): update the node image in CirceCI (#517)
db2eb34 
To takle the [failing build](https://github.com/all-contributors/all-contributors/runs/2336473172)
following the _successful_ merge of #514
@all-contributors-release-bot
Copy link
Member

🎉 This PR is included in version 2.16.3 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gr2m gr2m gr2m approved these changes

Assignees

No one assigned

Labels

priority: medium released status: review needed vulnerability Security vulnerability

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Berkmann18 @all-contributors-release-bot @gr2m
Morty Proxy This is a proxified and sanitized view of the page, visit original site.