Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: bump dependencies to avoid minimist vulnerability #195

Merged
merged 1 commit into from
Apr 4, 2022

Conversation

padamstx
Copy link
Member

@padamstx padamstx commented Apr 4, 2022

This PR updates a few of our dependencies to avoid security vulnerabilities, specifically the minimist vulnerability

Checklist
  • npm test passes (tip: npm run lint-fix can correct most style issues)
  • tests are included
  • documentation is changed or added

@padamstx padamstx self-assigned this Apr 4, 2022
@padamstx padamstx requested a review from dpopp07 April 4, 2022 16:43
Copy link
Member

@dpopp07 dpopp07 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All looks good but I'm wary of bumping our TS dependency - that's caused us issues in the past

package.json Outdated Show resolved Hide resolved
Copy link
Member

@dpopp07 dpopp07 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! 👍

@padamstx padamstx merged commit 4de8a9d into main Apr 4, 2022
@padamstx padamstx deleted the bump-minimist branch April 4, 2022 19:39
ibm-devx-sdk pushed a commit that referenced this pull request Apr 4, 2022
## [2.17.13](v2.17.12...v2.17.13) (2022-04-04)

### Bug Fixes

* bump dependencies to avoid minimist vulnerability ([#195](#195)) ([4de8a9d](4de8a9d))
@ibm-devx-sdk
Copy link

🎉 This PR is included in version 2.17.13 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants