Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependencies with CVEs #3223

Merged
merged 1 commit into from
Apr 26, 2021
Merged

chore(deps): update dependencies with CVEs #3223

merged 1 commit into from
Apr 26, 2021

Conversation

oxy
Copy link

@oxy oxy commented Apr 26, 2021

Update devDependencies with known CVEs.
They only process trusted data, so there is no need for us to release a security advisory; but cherry-pick updates for them nonetheless to satisfy tools like Trivy.

@oxy oxy requested a review from a team as a code owner April 26, 2021 13:39
@codecov
Copy link

codecov bot commented Apr 26, 2021

Codecov Report

❗ No coverage uploaded for pull request base (main@72ca12c). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #3223   +/-   ##
=======================================
  Coverage        ?   46.81%           
=======================================
  Files           ?       23           
  Lines           ?     1194           
  Branches        ?      237           
=======================================
  Hits            ?      559           
  Misses          ?      451           
  Partials        ?      184

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 72ca12c...b0edec7. Read the comment docs.

@jsjoeio jsjoeio added this to the v3.9.4 milestone Apr 26, 2021
@jsjoeio jsjoeio added the dependencies Pull requests that update a dependency file label Apr 26, 2021
jsjoeio
jsjoeio approved these changes Apr 26, 2021
View reviewed changes
Copy link
Contributor

@jsjoeio jsjoeio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking care of these 🙌

@oxy oxy merged commit d6cdeab into main Apr 26, 2021
@oxy oxy deleted the oxy/cleanup-electron branch April 26, 2021 18:26
@jsjoeio jsjoeio added the security Security related label Apr 28, 2021
@jsjoeio jsjoeio added the chore Related to maintenance or clean up label May 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsjoeio jsjoeio jsjoeio approved these changes

Assignees
No one assigned
Labels
chore Related to maintenance or clean up dependencies Pull requests that update a dependency file security Security related
Projects
None yet
Milestone
v3.10.0
Development

Successfully merging this pull request may close these issues.
2 participants
@oxy @jsjoeio