Skip to content

build: npm audit #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
melsener merged 1 commit into from
May 15, 2024
Merged

build: npm audit #7

melsener merged 1 commit into from
May 15, 2024

Conversation

@melsener
Copy link
Member

@melsener melsener commented May 8, 2024

Change description

Before:

# npm audit report

axios  0.8.1 - 0.27.2
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via `npm audit fix --force`
Will install axios@1.6.8, which is a breaking change
node_modules/axios

1 moderate severity vulnerability

After:

found 0 vulnerabilities

Description here

Type of change

  • Bug fix (fixes an issue)
  • New feature (adds functionality)

Related issues

Fix #5

Checklists

Development

  • Lint rules pass locally
  • Application changes have been tested thoroughly
  • Automated tests covering modified code pass

Security

  • Security impact of change has been considered
  • Code follows company security practices and guidelines

Code review

  • Pull request has a descriptive title and context useful to a reviewer. Screenshots or screencasts are attached as necessary
  • "Ready for review" label attached and reviewers assigned
  • Changes have been reviewed by at least one other contributor
  • Pull request linked to task tracker where applicable

@melsener melsener requested a review from a team May 8, 2024 07:52
@dorukgunes dorukgunes requested a review from a team May 8, 2024 07:58
@aykutbulca
Copy link
Member

aykutbulca commented May 8, 2024

I was about to mention we have an issue for this change — which you already linked. Thanks!

@melsener melsener changed the title chore: npm audit build: npm audit May 10, 2024
@melsener melsener force-pushed the chore/npm-audit-05-2024 branch from d4244a4 to a4c4724 Compare May 10, 2024 11:34
@melsener melsener merged commit 664411d into main May 15, 2024
@melsener melsener deleted the chore/npm-audit-05-2024 branch May 15, 2024 06:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aykutbulca aykutbulca aykutbulca approved these changes

+4 more reviewers

@tasdemirbahadir tasdemirbahadir tasdemirbahadir approved these changes

@dorukgunes dorukgunes dorukgunes approved these changes

@nilaycicekli nilaycicekli nilaycicekli approved these changes

@eren-zeplin eren-zeplin eren-zeplin approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CVE-2023-45857 Need to Bump Axios Dependency

7 participants

@melsener @aykutbulca @tasdemirbahadir @dorukgunes @nilaycicekli @eren-zeplin