Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resolve all npm vulnerabilities #16440

Merged
merged 2 commits into from Jun 15, 2021
Merged

Conversation

@bbovenzi
Copy link
Contributor

@bbovenzi bbovenzi commented Jun 14, 2021

Bump a lot of npm modules in package.json to resolve all severe and moderate vulnerabilities found when using yarn audit

Closes #10429 Our version of Flask App Builder no longer has the issue that used to exist when updating jquery


^ Add meaningful description above

Read the Pull Request Guidelines for more information.
In case of fundamental code change, Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in UPDATING.md.

Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`
kaxil
kaxil approved these changes Jun 14, 2021
@github-actions
Copy link

@github-actions github-actions bot commented Jun 14, 2021

The PR is likely OK to be merged with just subset of tests for default Python and Database versions without running the full matrix of tests, because it does not modify the core of Airflow. If the committers decide that the full tests matrix is needed, they will add the label 'full tests needed'. Then you should rebase to the latest main or amend the last commit of the PR, and push it with --force-with-lease.

@kaxil
Copy link
Member

@kaxil kaxil commented Jun 14, 2021

Needs a more descriptive PR title though

@bbovenzi bbovenzi changed the title yarn audit Remove npm vulnerabilities Jun 14, 2021
@bbovenzi bbovenzi changed the title Remove npm vulnerabilities Resolve all npm vulnerabilities Jun 14, 2021
@ryanahamilton ryanahamilton merged commit f18e4ba into apache:main Jun 15, 2021
32 of 33 checks passed
@ryanahamilton ryanahamilton deleted the yarn-auditing branch Jun 15, 2021
@kaxil kaxil added this to the Airflow 2.2 milestone Jun 28, 2021
@kaxil kaxil removed this from the Airflow 2.2 milestone Jun 28, 2021
@kaxil kaxil added this to the Airflow 2.1.2 milestone Jun 28, 2021
@ashb ashb removed this from the Airflow 2.1.2 milestone Jul 7, 2021
@ashb ashb added this to the Airflow 2.1.3 milestone Jul 7, 2021
@ashb ashb removed this from the Airflow 2.1.3 milestone Jul 7, 2021
@ashb ashb added this to the Airflow 2.1.2 milestone Jul 7, 2021
ashb added a commit that referenced this issue Jul 7, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
jhtimmins added a commit to astronomer/airflow that referenced this issue Jul 7, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
(cherry picked from commit e6329d8)
jhtimmins added a commit to astronomer/airflow that referenced this issue Jul 9, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
jhtimmins added a commit that referenced this issue Jul 9, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
kaxil added a commit to astronomer/airflow that referenced this issue Jul 13, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
(cherry picked from commit 9b0b0c6)
kaxil added a commit to astronomer/airflow that referenced this issue Jul 13, 2021
Bump a lot of npm modules in packages.json to resolve all severe and moderate vulnerabilities found when using `yarn audit`

(cherry picked from commit f18e4ba)
(cherry picked from commit 9b0b0c6)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

4 participants