Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependencies #2252

Merged
merged 1 commit into from
Oct 13, 2023
Merged

chore(deps): update dependencies #2252

merged 1 commit into from
Oct 13, 2023

Conversation

kittaakos
Copy link
Contributor

@kittaakos kittaakos commented Oct 10, 2023
edited
Loading

Motivation

To fix all security vulnerabilities detected by Dependabot.

Change description

  • Update dependencies.
  • Remove shelljs. Replace with fs and console.
  • Remove uuid. Replace with @phosphor/coreutils.

Other information

This PR should fix all except one alert from GH. The latest electron version from navigator.userAgent:

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) ArduinoIDE/2.2.2-snapshot-65159e6 Chrome/116.0.5845.190 Electron/26.2.4 Safari/537.36

Reviewer checklist

  • PR addresses a single concern.
  • The PR has no duplicates (please search among the Pull Requests before creating one)
  • PR title and description are properly filled.
  • Docs have been added / updated (for bug fixes / features)

@kittaakos kittaakos added topic: code Related to content of the project itself topic: security Related to the protection of user data type: imperfection Perceived defect in any part of project labels Oct 10, 2023
chore(deps): update dependencies
30db867 
To fix all security vulnerabilities detected by `Dependabot`.

 - remove `shelljs`. replace with `fs` and `console`.
 - remove `uuid`. replace with `@phosphor/coreutils`.

Signed-off-by: Akos Kitta <a.kitta@arduino.cc>
@kittaakos kittaakos mentioned this pull request Oct 5, 2023
Closed
4 tasks
@kittaakos kittaakos marked this pull request as ready for review October 10, 2023 08:53
rhpco
rhpco approved these changes Oct 10, 2023
View reviewed changes
Copy link

@rhpco rhpco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kittaakos kittaakos merged commit 153e34f into main Oct 13, 2023
26 checks passed
@kittaakos kittaakos deleted the update-dependencies branch October 13, 2023 06:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rhpco rhpco rhpco approved these changes

@per1234 per1234 per1234 approved these changes

Assignees
No one assigned
Labels
topic: code Related to content of the project itself topic: security Related to the protection of user data type: imperfection Perceived defect in any part of project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kittaakos @rhpco @per1234