-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Several security vulnerabilities seen in amp-github-apps
repo
#270
Comments
renovate-bot is already on for this repo, and all renovate-bot PRs that I haven't approved are assigned to @estherkim, @erwinmombay, and @rcebulko |
The purpose of this issue is to track the fixing of security vulnerabilities. I've edited the description. Reopening until the alerts are gone. |
Is there a way for us to see open vulnerabilities, or only repo admins/owners? |
@rcebulko You should have access once you become a part of @ampproject/wg-infra. Let's chat offline about how we can make that happen. Edit: You've been invited. |
/cc @rsimha |
Curious: For all the packages that you manually upgraded, were there renovate PRs that we couldn't merge for some reason or the other? |
There had been a renovate PR for a while for Probot, but it broke owners, so I finally got to the bottom of that and fixed it. Jest, I don't recall seeing a renovate PR, and there was nothing pending. According to |
We should
enable renovate forupgrade the packages in this repo to fix these and future security vulnerabilities.The text was updated successfully, but these errors were encountered: