-
Notifications
You must be signed in to change notification settings - Fork 799
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix Dependabot Vulnerability #3269
Fix Dependabot Vulnerability #3269
Conversation
Build Failed 😱 Build Id: 1a87049f-5c02-4d88-a139-12afe1862660 To get permission to view the Cloud Build view, join the agones-discuss Google Group. |
Found this error:
@steven-supersolid you are our resident NodeJS expect -- is this the right approach to fix this? |
This looks like a transitive dependency so would just try To update all dependencies we could try We may also want to do a more drastic dependency update using |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Revoking approval until we clarify how the file was modified and resolve the build issue
Initially, I tried with |
Since this is a nodejs issue, Go tooling will not work here unfortunately. If you want a quick node shell with npm tooling - |
package-lock.json
Outdated
@@ -0,0 +1,6 @@ | |||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file may have been inadvertently added e.g. by running an npm command in the root directory of the project
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After running npm update
, the agones/package-lock.json
file was generated, thought it was required but I have now deleted it. Thanks!
Build Succeeded 👏 Build Id: 56761bab-6f19-4443-8ae2-7b39d28a3503 The following development artifacts have been built, and will exist for the next 30 days:
A preview of the website (the last 30 builds are retained): To install this version:
|
Yay passing. I think this should be better now? Thanks @steven-supersolid for the review! |
LGTM! |
Build Succeeded 👏 Build Id: 70807425-e9ed-41a9-ae62-5dddd9f59e94 The following development artifacts have been built, and will exist for the next 30 days:
A preview of the website (the last 30 builds are retained): To install this version:
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Kalaiselvi84, markmandel, steven-supersolid The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
New changes are detected. LGTM label has been removed. |
Build Succeeded 👏 Build Id: 2ce212e0-a126-4afd-9084-64a3fb09290d The following development artifacts have been built, and will exist for the next 30 days:
A preview of the website (the last 30 builds are retained): To install this version:
|
What type of PR is this?
/kind cleanup
What this PR does / Why we need it:
Which issue(s) this PR fixes:
Closes #
Special notes for your reviewer: