Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

MLE-24228 Bumping mocha and glob#1033

Merged
rjrudin merged 1 commit intodevelopmarklogic/node-client-api:developfrom
feature/audit-fixmarklogic/node-client-api:feature/audit-fixCopy head branch name to clipboard
Nov 18, 2025
Merged

MLE-24228 Bumping mocha and glob#1033
rjrudin merged 1 commit intodevelopmarklogic/node-client-api:developfrom
feature/audit-fixmarklogic/node-client-api:feature/audit-fixCopy head branch name to clipboard

Conversation

@rjrudin
Copy link
Contributor

@rjrudin rjrudin commented Nov 18, 2025

Fixes some CVEs

Copilot AI review requested due to automatic review settings November 18, 2025 16:22
Copilot AI reviewed Nov 18, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates two npm dependencies (mocha and glob) to fix security vulnerabilities. The mocha version is bumped from 11.7.4 to 11.7.5, and glob is updated from 10.3.11 to 12.0.0.

  • Updated mocha to version 11.7.5
  • Updated glob to version 12.0.0 to address a command injection vulnerability (GHSA-5j98-mcp5-4vw2)
  • Updated CONTRIBUTING.md documentation to reflect the new glob version and its security context

Reviewed Changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File Description
package.json Updates mocha to 11.7.5 and glob to 12.0.0 in devDependencies and overrides sections
CONTRIBUTING.md Updates documentation for glob dependency with new version number and vulnerability details

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link

github-actions bot commented Nov 18, 2025

Copyright Validation Results
Total: 3 | Passed: 0 | Failed: 0 | Skipped: 3 | at: 2025-11-18 16:22:17 UTC | commit: fd332fe

⏭️ Skipped (Excluded) Files

  • CONTRIBUTING.md
  • package-lock.json
  • package.json

✅ All files have valid copyright headers!

@rjrudin rjrudin merged commit 15308b2 into develop Nov 18, 2025
5 of 6 checks passed
@rjrudin rjrudin deleted the feature/audit-fix branch November 18, 2025 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@anu3990 anu3990 Awaiting requested review from anu3990 anu3990 is a code owner

@BillFarber BillFarber Awaiting requested review from BillFarber BillFarber is a code owner

@stevebio stevebio Awaiting requested review from stevebio stevebio is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rjrudin
Morty Proxy This is a proxified and sanitized view of the page, visit original site.