Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update Vercel function handler #222

Merged
merged 1 commit into from
Sep 25, 2023
Merged

fix: update Vercel function handler #222

merged 1 commit into from
Sep 25, 2023

Conversation

fox1t
Copy link
Collaborator

@fox1t fox1t commented Sep 22, 2023
edited
Loading

In this PR:

  • fixes Vercel function handler

Issues reference:

Checklist:

  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Have you lint your code with pnpm lint locally prior to submission?
  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?
  • Have you successfully ran build with pnpm build of your changes locally?
  • Have you successfully ran tests with pnpm test of your changes locally?
  • Have you commit using Conventional Commits?

@render
Copy link

render bot commented Sep 22, 2023

Your Render PR Server URL is https://turborepo-remote-cache-pr-222.onrender.com.

Follow its progress at https://dashboard.render.com/web/srv-ck703988elhc73ao09q0.

@socket-security
Copy link

New dependencies detected. Learn more about Socket for GitHub ↗︎

Packages Version New capabilities Transitives Size Publisher
typescript 5.2.2 None +0 40.6 MB typescript-bot

@socket-security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue Package Version Note Source
Chronological version anomaly typescript 5.2.2

Next steps

What is a chronological version anomaly?

Semantic versions published out of chronological order.

This could either indicate dependency confusion or a patched vulnerability.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore typescript@5.2.2

@fox1t fox1t merged commit 3421532 into main Sep 25, 2023
19 of 20 checks passed
@fox1t fox1t deleted the fix-vercel-deployment branch September 25, 2023 08:34
@matteovivona
Copy link
Collaborator

🎉 This PR is included in version 2.0.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matteovivona matteovivona matteovivona approved these changes

@hoghweed hoghweed Awaiting requested review from hoghweed

@alemagio alemagio Awaiting requested review from alemagio

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
2 participants
@fox1t @matteovivona