Skip to content

fixture: Upgrations of some packages, with one typo error #2416

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 16, 2019
Merged

fixture: Upgrations of some packages, with one typo error #2416

merged 1 commit into from
Aug 16, 2019

Conversation

@SEWeiTung
Copy link
Contributor

  1. wont => won't.
  2. Update 'semver' from 6.0.0 to 6.3.0.
  3. Update 'marked' from 0.6.2 to 0.7.0, this is a fixture for some known
    vulnerability. Another will be fixed until fixture: Upgration of 'marked' package metalsmith/markdown#40 is merged.

See more at this,

=== npm audit security report ===

Run npm install marked@0.7.0 to resolve 1 vulnerability

Low Regular Expression Denial of Service

Package marked

Dependency of marked

Path marked

More info https://nodesecurity.io/advisories/1076

                             Manual Review                                  
         Some vulnerabilities require your attention to resolve             
                                                                            
      Visit https://go.npm.me/audit-guide for additional guidance

Low Regular Expression Denial of Service

Package marked

Patched in >=0.7.0

Dependency of metalsmith-markdown

Path metalsmith-markdown > marked

More info https://nodesecurity.io/advisories/1076

found 2 low severity vulnerabilities in 4559 scanned packages

fixture: Upgrations of some packages, with one typo error
cf456e5 
1. wont => won't.
2. Update 'semver' from 6.0.0 to 6.3.0.
3. Update 'marked' from 0.6.2 to 0.7.0, this is a fixture for some known
vulnerability. Another will be fixed until
metalsmith/markdown#40 is merged.
@SEWeiTung SEWeiTung requested a review from Trott August 16, 2019 06:48
@MylesBorins
Copy link
Contributor

@MaledongGit in future can you open separate PRs for update dependencies as changing typos

MylesBorins
MylesBorins approved these changes Aug 16, 2019
View reviewed changes
Copy link
Contributor

@MylesBorins MylesBorins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@MylesBorins MylesBorins merged commit 9f4efd8 into nodejs:master Aug 16, 2019
@SEWeiTung
Copy link
Contributor Author

@MylesBorins:Thanks, I see.

@NOUIY NOUIY mentioned this pull request May 10, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Trott Trott Awaiting requested review from Trott

1 more reviewer

@MylesBorins MylesBorins MylesBorins approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SEWeiTung @MylesBorins