cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service #709

xtineskim · 2022-02-08T16:07:24Z

Background

Dependabot alerts for ansi-regex indicating moderate severity in our currency and payment service

Fixes

Relevant CVE description here

Change Summary

I bumped the devDependency semistandard module to "^16.0.1" for both services. Tested it locally, the images built, and it works as expected!

Additional Notes

n/a

Testing Procedure

n/a

Related PRs or Issues

n/a

github-actions · 2022-02-08T16:11:01Z

🚲 PR staged at http://35.188.201.3

xtineskim · 2022-02-08T17:35:54Z

This PR also captures the node-forge and json-schema dependabot error!

NimJay

Thanks for this super quick fix, @ckim328!
I have done a quick test of the staging URL. I played around with the different currencies and made orders/payments. Everything worked as expected!
I checked the package-lock.json files, and I see that both dependencies (node-forge and ansi-regex) are now updated to non-vulnerable versions.
I have created Remove semistandard #712. It might be the case that we could remove semistandard entirely.

Approved!

github-actions · 2022-02-08T18:09:42Z

🚲 PR staged at http://35.188.201.3

Co-authored-by: Nim Jayawardena <nimjay@google.com>

Update ansi-regex currency and payment service

d893682

xtineskim requested review from NimJay and a team February 8, 2022 16:07

NimJay mentioned this pull request Feb 8, 2022

Updating httplib2 to 0.19.0 #710

Merged

xtineskim changed the title ~~cleanup: Update ansi-regex currency and payment service~~ cleanup: Update ansi-regex & node-forge in currency and payment service Feb 8, 2022

xtineskim changed the title ~~cleanup: Update ansi-regex & node-forge in currency and payment service~~ cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service Feb 8, 2022

NimJay approved these changes Feb 8, 2022

View reviewed changes

Merge branch 'main' into ansi-regex-bump

017ebdc

NimJay merged commit 0b01b50 into main Feb 8, 2022

xtineskim deleted the ansi-regex-bump branch February 8, 2022 18:14

sitaramkm pushed a commit to sitaramkm/microservices-demo that referenced this pull request Mar 27, 2022

Update ansi-regex currency and payment service (GoogleCloudPlatform#709)

aa6a5f4

Co-authored-by: Nim Jayawardena <nimjay@google.com>

tsmithv11 mentioned this pull request Jul 21, 2023

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 tsmithv11/microservices-demo#10

Open

haseebH mentioned this pull request Nov 27, 2023

[Snyk] Fix for 1 vulnerabilities haseebH/microservices-demo#99

Open

DSOTraining mentioned this pull request Nov 27, 2023

[Snyk] Fix for 1 vulnerabilities DSOTraining/microservices-demo#63

Open

davidb-github mentioned this pull request Nov 27, 2023

[Snyk] Fix for 1 vulnerabilities davidb-github/microservices-demo#80

Open

DSOTraining mentioned this pull request Nov 27, 2023

[Snyk] Fix for 1 vulnerabilities DSOTraining/microservices-demo#64

Open

davidb-github mentioned this pull request Nov 30, 2023

[Snyk] Fix for 1 vulnerabilities davidb-github/microservices-demo#82

Open

haseebH mentioned this pull request Dec 19, 2023

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 haseebH/microservices-demo#103

Open

This was referenced Dec 19, 2023

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 tsmithv11/microservices-demo#47

Open

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 tsmithv11/microservices-demo#48

Open

haseebH mentioned this pull request Dec 20, 2023

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 haseebH/microservices-demo#104

Open

davidb-github mentioned this pull request Dec 20, 2023

[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2 davidb-github/microservices-demo#83

Open

D-Mwanth pushed a commit to D-Mwanth/microservices-demo that referenced this pull request Mar 6, 2024

Update ansi-regex currency and payment service (GoogleCloudPlatform#709)

94ec609

Co-authored-by: Nim Jayawardena <nimjay@google.com>

davidb-github mentioned this pull request Mar 22, 2024

[Snyk] Fix for 1 vulnerabilities davidb-github/microservices-demo#94

Open

This was referenced Mar 22, 2024

[Snyk] Fix for 1 vulnerabilities DSOTraining/microservices-demo#72

Open

[Snyk] Fix for 1 vulnerabilities DSOTraining/microservices-demo#73

Open

haseebH mentioned this pull request Mar 22, 2024

[Snyk] Fix for 1 vulnerabilities haseebH/microservices-demo#109

Open

haseebH mentioned this pull request Mar 22, 2024

[Snyk] Fix for 1 vulnerabilities haseebH/microservices-demo#110

Open

This was referenced Mar 22, 2024

[Snyk] Fix for 1 vulnerabilities tsmithv11/microservices-demo#70

Open

[Snyk] Fix for 1 vulnerabilities tsmithv11/microservices-demo#71

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service #709

cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service #709

xtineskim commented Feb 8, 2022 •

edited

Loading

github-actions bot commented Feb 8, 2022

xtineskim commented Feb 8, 2022 •

edited

Loading

NimJay left a comment •

edited

Loading

github-actions bot commented Feb 8, 2022

cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service #709

cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service #709

Conversation

xtineskim commented Feb 8, 2022 • edited Loading

Background

Fixes

Change Summary

Additional Notes

Testing Procedure

Related PRs or Issues

github-actions bot commented Feb 8, 2022

xtineskim commented Feb 8, 2022 • edited Loading

NimJay left a comment • edited Loading

Choose a reason for hiding this comment

github-actions bot commented Feb 8, 2022

xtineskim commented Feb 8, 2022 •

edited

Loading

xtineskim commented Feb 8, 2022 •

edited

Loading

NimJay left a comment •

edited

Loading