Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update moment-timezone version for vulnerability #15685

Merged
merged 1 commit into from
Feb 17, 2023
Merged

fix: update moment-timezone version for vulnerability #15685

merged 1 commit into from
Feb 17, 2023

Conversation

SuperBlahman
Copy link

@SuperBlahman SuperBlahman commented Feb 17, 2023
edited

Pull Request Checklist

  • Have you added new tests to prevent regressions?
  • If a documentation update is necessary, have you opened a PR to the documentation repository?
  • Did you update the typescript typings accordingly (if applicable)?
  • Does the description below contain a link to an existing issue (Closes #[issue]) or a description of the issue you are solving?
  • Does the name of your PR follow our conventions?

Description Of Change

moment-timezone 0.5.34 has a major listed vulnerability that is patched in 0.5.35. Updating the minimum version of moment-timezone used by sequelize to be the patched version. More details on the vulnerability here: moment/moment-timezone@7915ac5

@ephys ephys merged commit 48d6193 into sequelize:v6 Feb 17, 2023
@github-actions
Copy link
Contributor

🎉 This PR is included in version 6.28.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

@ephys ephys mentioned this pull request Mar 2, 2023
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ephys ephys ephys approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@SuperBlahman @ephys