-
Notifications
You must be signed in to change notification settings - Fork 911
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE] Remove storybook package to fix CVE-2021-42740 and CVE-2021-24033 #2660
Conversation
Signed-off-by: Zilong Xia <zilongx@amazon.com>
Added a change item under |
Thanks for doing this @ZilongX. For others, we determined this is NOT a breaking change because storybook did work since the fork. |
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.3 1.3
# Navigate to the new working tree
cd .worktrees/backport-1.3
# Create a new branch
git switch --create backport/backport-2660-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 1c50eeed0e1c19da96715b1236a54ac838667f02
# Push it to GitHub
git push --set-upstream origin backport/backport-2660-to-1.3
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.3 Then, create a pull request where the |
… (opensearch-project#2660) Removes the broken and unfinished storybook package and related code. Backport PR: opensearch-project#1172 Signed-off-by: Zilong Xia <zilongx@amazon.com> (cherry picked from commit 1c50eee)
Signed-off-by: Zilong Xia zilongx@amazon.com
Description
storybook
package from1.x
branch referencing similar efforts made in2.0.0
Removes storybook package and related code #1172Issues Resolved
Resolves #1171
Resolves #1055
Check List
yarn test:jest
yarn test:jest_integration
yarn test:ftr