Skip to content

Upgrade auto and GH actions node #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Upgrade auto and GH actions node #7

wants to merge 2 commits into from

Conversation

@shilman
Copy link
Member

@shilman shilman commented Nov 17, 2022
edited by github-actions bot
Loading

πŸ“¦ Published PR as canary version: 1.0.2--canary.7.391457fcf6c823971cf02d8e74dbf8e242872b26.0

✨ Test out this PR locally via:

npm install @storybook/react-docgen-typescript-plugin@1.0.2--canary.7.391457fcf6c823971cf02d8e74dbf8e242872b26.0
# or 
yarn add @storybook/react-docgen-typescript-plugin@1.0.2--canary.7.391457fcf6c823971cf02d8e74dbf8e242872b26.0

@ndelangen
Copy link
Member

ndelangen commented Jan 16, 2023

Should get upgraded to use node 16

@shilman shilman changed the title Upgrade auto Upgrade auto and GH actions node Feb 14, 2023
@socket-security
Copy link

socket-security bot commented Feb 14, 2023

Socket Security Pull Request Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

⚠️ Uses eval

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Avoid packages that use eval, since this could potentially execute any code.

Package Eval Type Location Source
await-to-js@3.0.0 (added) eval dist/docs/assets/js/main.js package.json via auto@10.37.6, auto-config-hipstersmoothie@4.0.0
await-to-js@3.0.0 (added) eval dist/docs/assets/js/main.js package.json via auto@10.37.6, auto-config-hipstersmoothie@4.0.0
bottleneck@2.19.5 (added) eval lib/RedisConnection.js package.json via auto@10.37.6, auto-config-hipstersmoothie@4.0.0
es-abstract@1.17.5 (added) eval GetIntrinsic.js package.json via auto-config-hipstersmoothie@4.0.0, eslint-config-airbnb-base@14.2.1, eslint-plugin-import@2.22.1, eslint-plugin-jsx-a11y@6.4.1
es-abstract@1.18.0-next.1 (added) eval GetIntrinsic.js package.json via eslint-config-airbnb-base@14.2.1, eslint-plugin-import@2.22.1
json-fixer@1.6.5 (added) eval src/fixer.js package.json via auto-config-hipstersmoothie@4.0.0
json-fixer@1.6.5 (added) eval src/fixer.js package.json via auto-config-hipstersmoothie@4.0.0
loader-runner@4.2.0 (added) eval lib/loadLoader.js package.json via ts-loader@9.1.2, webpack@5.75.0, webpack-cli@4.7.0
pegjs@0.10.0 (added) eval lib/compiler/index.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
pegjs@0.10.0 (added) eval lib/compiler/passes/generate-js.js package.json via auto-config-hipstersmoothie@4.0.0
prettier@2.0.5 (added) eval bin-prettier.js package.json via eslint-plugin-prettier@3.1.3
prettier@2.0.5 (added) eval third-party.js package.json via eslint-plugin-prettier@3.1.3
prettier@2.0.5 (added) eval third-party.js package.json via eslint-plugin-prettier@3.1.3
prettier@2.0.5 (added) eval third-party.js package.json via eslint-plugin-prettier@3.1.3
prettier@2.0.5 (added) eval third-party.js package.json via eslint-plugin-prettier@3.1.3
terser@5.16.3 (added) eval dist/bundle.min.js package.json via ts-loader@9.1.2, webpack@5.75.0, webpack-cli@4.7.0
Pull request report summary
Issue Status
Install scripts βœ… 0 issues
Native code βœ… 0 issues
Bin script confusion βœ… 0 issues
Bin script shell injection βœ… 0 issues
Shell access βœ… 0 issues
Uses eval ⚠️ 21 issues
Unresolved require βœ… 0 issues
Invalid package.json βœ… 0 issues
HTTP dependency βœ… 0 issues
Git dependency βœ… 0 issues
GitHub dependency βœ… 0 issues
New author βœ… 0 issues
Potential typo squat βœ… 0 issues
Known Malware βœ… 0 issues
Telemetry βœ… 0 issues
Protestware/Troll package βœ… 0 issues
AI detected malware βœ… 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

  • @SocketSecurity ignore await-to-js@3.0.0
  • @SocketSecurity ignore bottleneck@2.19.5
  • @SocketSecurity ignore es-abstract@1.17.5
  • @SocketSecurity ignore es-abstract@1.18.0-next.1
  • @SocketSecurity ignore json-fixer@1.6.5

Powered by socket.dev

@shilman
Copy link
Member Author

shilman commented Jun 13, 2023

Fixed in #11

@shilman shilman closed this Jun 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ndelangen ndelangen ndelangen approved these changes

Assignees

@shilman shilman

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@shilman @ndelangen