Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve vulnerabilities in transitive dep #1023

Merged
merged 1 commit into from
Mar 5, 2024
Merged

Resolve vulnerabilities in transitive dep #1023

merged 1 commit into from
Mar 5, 2024

Conversation

grvillic
Copy link
Contributor

@grvillic grvillic commented Mar 5, 2024

Context

Resolving security alert that impacts some .NET environments, see GHSA-68w7-72jg-6qpp

@grvillic grvillic requested a review from a team as a code owner March 5, 2024 03:01
@grvillic grvillic requested a review from melotic March 5, 2024 03:01
@codecov Codecov
Copy link

codecov bot commented Mar 5, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 75.4%. Comparing base (bb153af) to head (d7a2993).

Additional details and impacted files 
@@          Coverage Diff          @@
##            main   #1023   +/-   ##
=====================================
  Coverage   75.4%   75.4%           
=====================================
  Files        236     236           
  Lines      10407   10407           
  Branches    1039    1039           
=====================================
  Hits        7850    7850           
  Misses      2267    2267           
  Partials     290     290

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@grvillic grvillic enabled auto-merge (squash) March 5, 2024 03:04
@grvillic grvillic changed the title Resolve security vulnerabilities Resolve vulnerabilities in transitive dep Mar 5, 2024
@grvillic grvillic merged commit 1eea9ac into main Mar 5, 2024
24 checks passed
@grvillic grvillic deleted the users/grvillic/ResolveSecurityVulns branch March 5, 2024 03:07
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 5, 2024

👋 Hi! It looks like you modified some files in the Detectors folder.
You may need to bump the detector versions if any of the following scenarios apply:

  • The detector detects more or fewer components than before
  • The detector generates different parent/child graph relationships than before
  • The detector generates different devDependencies values than before

If none of the above scenarios apply, feel free to ignore this comment 🙂

@pownkel pownkel mentioned this pull request Mar 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RushabhBhansali RushabhBhansali RushabhBhansali approved these changes

@melotic melotic Awaiting requested review from melotic melotic is a code owner automatically assigned from microsoft/ose-component-detection-maintainers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@grvillic @RushabhBhansali