Skip to content
This repository was archived by the owner on Sep 3, 2022. It is now read-only.

Bump deps with low vulns #202

Merged
merged 2 commits into from
Sep 11, 2020
Merged

Bump deps with low vulns #202

merged 2 commits into from
Sep 11, 2020

Conversation

bryanmikaelian
Copy link
Contributor

@bryanmikaelian bryanmikaelian commented Sep 11, 2020

Description

This PR addresses some dependencies with low vulnerabilities. The packages in question are:

  • jquery
  • node-fetch
  • debug

These deps were either manually updated or enforced to a safe version via the resolutions config

Test plan

Testing completed successfully using unit tests.

Checklist

  • Thorough explanation of the issue/solution, and a link to the related issue
  • CI tests are passing
  • Unit tests were written for any new code
  • Code coverage is at least maintained, or increased.

@bryanmikaelian bryanmikaelian requested a review from a team September 11, 2020 18:16
Copy link
Contributor

@pooyaj pooyaj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Safe upgrade for debug since it is a major version change and a non-dev dependency?

@bryanmikaelian
Copy link
Contributor Author

@pooyaj Oh, good point / catch. I'll test this out and verify

@bryanmikaelian bryanmikaelian merged commit bfd0dd0 into master Sep 11, 2020
@bryanmikaelian bryanmikaelian deleted the bryan/low-vulns branch September 11, 2020 20:12
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants