Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resolves all qs dependencies to v6.10.3 #1380

Merged
merged 1 commit into from
Mar 24, 2022

Conversation

tmarkley
Copy link
Contributor

Description

Issues Resolved

Resolves #1375

Check List

  • New functionality includes testing.
    • All tests pass
      • yarn test:jest
      • yarn test:jest_integration
      • yarn test:ftr
  • New functionality has been documented.
  • Commits are signed per the DCO using --signoff

* [CHANGELOG](https://github.com/ljharb/qs/blob/v6.10.3/CHANGELOG.md)
* The upstream library with a dependency on ~6.5.2 is `node-sass`, but
  that will not be addressed until sass/node-sass#3193
  is included in a release.

Resolves opensearch-project#1375

Signed-off-by: Tommy Markley <markleyt@amazon.com>
@tmarkley tmarkley added dependencies Pull requests that update a dependency file v2.0.0 cve Security vulnerabilities detected by Dependabot or Mend labels Mar 24, 2022
@tmarkley tmarkley requested a review from a team as a code owner March 24, 2022 02:22
@tmarkley tmarkley merged commit 40619cf into opensearch-project:main Mar 24, 2022
@tmarkley tmarkley deleted the qs branch March 24, 2022 21:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cve Security vulnerabilities detected by Dependabot or Mend dependencies Pull requests that update a dependency file v2.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

CVE-2021-44907 (Low) detected in qs-6.10.3.tgz, qs-6.5.2.tgz
3 participants