Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(@angular-devkit/build-angular): update dependency postcss to v8.4.31 #25956

Merged
merged 2 commits into from Oct 5, 2023
Merged

fix(@angular-devkit/build-angular): update dependency postcss to v8.4.31 #25956

merged 2 commits into from Oct 5, 2023

Conversation

alan-agius4
Copy link
Collaborator

@alan-agius4 alan-agius4 commented Oct 5, 2023
edited

Addresses npm audit report of GHSA-7fh5-64p2-3v2j

Closes #25944

@alan-agius4 alan-agius4 added action: review The PR is still awaiting reviews from at least one requested reviewer target: lts This PR is targeting a version currently in long-term support action: merge The PR is ready for merge by the caretaker and removed action: review The PR is still awaiting reviews from at least one requested reviewer labels Oct 5, 2023
@alan-agius4 alan-agius4 linked an issue Oct 5, 2023 that may be closed by this pull request
@angular-devkit/build-angular depends on vulnarable version of postcss #25944
Closed
1 task
@clydin @alan-agius4
test: install specific npm version in npm version E2E test
7f529d5 
To avoid project installation errors when running the `npm-7` E2E test,
the previous semver range of `>7.5.6` has been instead set to a fixed
`8.0.0`. This ensures consistency within the test as now a known version
of npm will be used.
This E2E test started failing recently due to the release of npm 10 which
some packages do not support via the `engines` field. This situation in
turn caused project install failures when the new version of npm was attempted
to be installed in the test.

(cherry picked from commit 889338c)
@alan-agius4
Copy link
Collaborator Author

Failures are not caused by this change.

@alan-agius4 alan-agius4 mentioned this pull request Oct 5, 2023
Closed
1 task
@clydin clydin merged commit bfc1f0f into angular:15.2.x Oct 5, 2023
18 of 20 checks passed
@alan-agius4 alan-agius4 deleted the post-css-15 branch October 5, 2023 14:31
@angular-automatic-lock-bot
Copy link

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

This action has been performed automatically by a bot.

@angular-automatic-lock-bot angular-automatic-lock-bot bot locked and limited conversation to collaborators Nov 6, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@clydin clydin clydin approved these changes

Assignees
No one assigned
Labels
action: merge The PR is ready for merge by the caretaker target: lts This PR is targeting a version currently in long-term support
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

@angular-devkit/build-angular depends on vulnarable version of postcss
2 participants
@alan-agius4 @clydin