Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump web-discovery-project to fix moment.js vulnerability #12962

Merged
merged 1 commit into from
Apr 11, 2022

Conversation

remusao
Copy link
Collaborator

@remusao remusao commented Apr 10, 2022

Resolves brave/brave-browser#22193

GHSA-8hfj-j24r-96c4

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

@remusao remusao requested a review from mihaiplesa April 10, 2022 09:02
@remusao remusao requested a review from a team as a code owner April 10, 2022 09:02
@github-actions github-actions bot added the CI/run-audit-deps Check for known npm/cargo vulnerabilities (audit_deps) label Apr 10, 2022
@remusao remusao force-pushed the update-wdp-to-fix-moment branch from 3a66d13 to df6cfd1 Compare April 10, 2022 14:51
@remusao remusao force-pushed the update-wdp-to-fix-moment branch from df6cfd1 to 4a3037c Compare April 11, 2022 04:48
@simonhong simonhong mentioned this pull request Apr 11, 2022
35 tasks
@remusao remusao added this to the 1.39.x - Nightly milestone Apr 11, 2022
@mihaiplesa mihaiplesa merged commit 089b19f into master Apr 11, 2022
@mihaiplesa mihaiplesa deleted the update-wdp-to-fix-moment branch April 11, 2022 15:37
@mihaiplesa mihaiplesa restored the update-wdp-to-fix-moment branch April 11, 2022 15:38
brave-builds pushed a commit that referenced this pull request Apr 11, 2022
brave-builds pushed a commit that referenced this pull request Apr 11, 2022
@mihaiplesa mihaiplesa deleted the update-wdp-to-fix-moment branch April 11, 2022 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CI/run-audit-deps Check for known npm/cargo vulnerabilities (audit_deps)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Bump web-discovery-project to latest
2 participants