🔒 NPM audit fix --force to pick up Redis security fix #40

xurizaemon · 2021-05-06T03:35:33Z

@hubotio seems a bit unmaintained, but I am gonna throw this drive-by PR up in case it gets merged to fix a recent advisory for the redis package.

don't start using my fork tho, it's already abandoned 😉

stephenyeargin · 2021-05-17T20:43:15Z

@technicalpickles This looks like it will help folks clear a Security Alert. Can it get a 👍?

(Tests are failing because Travis is configured to use legacy versions of Node.)

mistydemeo · 2021-05-17T23:42:06Z

Sorry I missed this. Looks like I wasn't watching the repo. I'll fix CI first, then we can merge this.

mistydemeo · 2021-05-17T23:50:10Z

Thank you so much for your PR! It's greatly appreciated. People like you help keep OSS running.

mistydemeo · 2021-05-17T23:51:28Z

I'll look at cutting a new release soon.

xurizaemon · 2021-05-17T23:53:29Z

Thankyou! Much appreciated 😁

xurizaemon · 2021-07-29T12:30:19Z

Hi @mistydemeo, any chance we could ship a release with this fix? 1.0.0 is latest and it's from 2017.

github-actions · 2023-05-22T00:38:16Z

🎉 This PR is included in version 1.1.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

🔒 NPM audit fix --force

288ca24

xurizaemon mentioned this pull request May 17, 2021

Bump Redis version for security fix #41

Closed

xurizaemon changed the title ~~🔒 NPM audit fix --force~~ 🔒 NPM audit fix --force to pick up Redis security fix May 17, 2021

xurizaemon mentioned this pull request May 17, 2021

What are the plans for Hubot? hubotio/hubot#1541

Closed

Merge branch 'master' into npm_audit_fix_force

f381085

mistydemeo approved these changes May 17, 2021

View reviewed changes

mistydemeo merged commit 2ab8963 into hubotio:master May 17, 2021

xurizaemon deleted the npm_audit_fix_force branch May 17, 2021 23:51

github-actions bot added the released label May 22, 2023

Provide feedback