Skip to content

chore: upgrade karma dependencies to fix security issues #961

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 22, 2021
Merged

chore: upgrade karma dependencies to fix security issues #961

merged 1 commit into from
Jun 22, 2021

Conversation

rose-m
Copy link
Contributor

@rose-m rose-m commented Jun 22, 2021

This brings down the npm audit warnings to:

found 12 vulnerabilities (4 moderate, 8 high) in 2681 scanned packages
  12 vulnerabilities require manual review. See the full report for details.

11 vulnerabilities are attributed to dependencies of parcel-bundler which is not a runtime dependency of mongosh. 1 vulnerability is attributed to dependencies of download which is only used in the build package and not distributed with mongosh.

@rose-m rose-m self-assigned this Jun 22, 2021
@addaleax addaleax merged commit d77a3a4 into main Jun 22, 2021
@addaleax addaleax deleted the upgrade-karma-security-fixes branch June 22, 2021 09:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@addaleax addaleax addaleax approved these changes

Assignees

@rose-m rose-m

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rose-m @addaleax