Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: security updates #6490

Merged
merged 6 commits into from
Nov 21, 2024
Merged

chore: security updates #6490

merged 6 commits into from
Nov 21, 2024

Conversation

elycheea
Copy link
Contributor

Contributes to #6337

What did you change?

  • update rollup resolutions
  • update express resolutions to resolve path-to-regexp
  • add semver to resolutions
  • upgrade webpack to latest

How did you test and verify your work?

@netlify Netlify
Copy link

netlify bot commented Nov 20, 2024
edited
Loading

Deploy Preview for ibm-products-web-components ready!

Name Link
🔨 Latest commit f6b393a
🔍 Latest deploy log https://app.netlify.com/sites/ibm-products-web-components/deploys/673f9cddba4a580008145fe1
😎 Deploy Preview https://deploy-preview-6490--ibm-products-web-components.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Nov 20, 2024
edited
Loading

Deploy Preview for carbon-for-ibm-products ready!

Name Link
🔨 Latest commit f6b393a
🔍 Latest deploy log https://app.netlify.com/sites/carbon-for-ibm-products/deploys/673f9cddc231ce0008e6e2b8
😎 Deploy Preview https://deploy-preview-6490--carbon-for-ibm-products.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@codecov Codecov
Copy link

codecov bot commented Nov 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.63%. Comparing base (01ece2b) to head (f6b393a).
Report is 3 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6490      +/-   ##
==========================================
- Coverage   79.64%   79.63%   -0.01%     
==========================================
  Files         394      394              
  Lines       12886    12886              
  Branches     4268     4268              
==========================================
- Hits        10263    10262       -1     
- Misses       2623     2624       +1
Components Coverage Δ
ibm-products ∅ <ø> (∅)
ibm-products-web-components ∅ <ø> (∅)
---- 🚨 Try these New Features:

@elycheea elycheea marked this pull request as ready for review November 20, 2024 18:28
@elycheea elycheea requested a review from a team as a code owner November 20, 2024 18:28
@elycheea elycheea requested review from AlexanderMelox and amal-k-joy and removed request for a team November 20, 2024 18:28
@elycheea elycheea added the dependencies Pull requests that update a dependency file label Nov 20, 2024
amal-k-joy
amal-k-joy previously approved these changes Nov 21, 2024
View reviewed changes
Copy link
Contributor

@amal-k-joy amal-k-joy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.
But was just curious , like where are we using semver in our repo?

@elycheea
Copy link
Contributor Author

@amal-k-joy It’s in our config CLI, but actually curious if that’s still in use at all or leftover from our v1 package. Can open a ticket to investigate and remove when I get home.

That said, I also had to add a resolution for semver since it’s a dependency in some of our own dependencies and their versions were resolving to earlier packages of it.

@elycheea
Copy link
Contributor Author

@amal-k-joy went ahead and removed the old/unused config/cli files. 😱

@elycheea elycheea added this pull request to the merge queue Nov 21, 2024
github-merge-queue bot pushed a commit that referenced this pull request Nov 21, 2024
@elycheea
chore: security updates (#6490)
7e31d8c 
* chore: update rollup resolutions

* chore: update express and path-to-regexp

* chore: upgrade semver

* chore: update webpack

* chore: remove config/cli
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 21, 2024
@elycheea elycheea added this pull request to the merge queue Nov 21, 2024
Merged via the queue into carbon-design-system:main with commit 473af0f Nov 21, 2024
33 checks passed
@elycheea elycheea deleted the 6337-more-security-updates branch November 21, 2024 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthewgallo matthewgallo matthewgallo approved these changes

@davidmenendez davidmenendez davidmenendez approved these changes

@amal-k-joy amal-k-joy amal-k-joy left review comments

@AlexanderMelox AlexanderMelox Awaiting requested review from AlexanderMelox AlexanderMelox is a code owner automatically assigned from carbon-design-system/carbon-for-ibm-products-reviewers

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file status: one more review 👀
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@elycheea @davidmenendez @matthewgallo @amal-k-joy