CNV-50977: CNV-51361: fix cve packages #2275
Conversation
|
@upalatucci: This pull request references CNV-50977 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
i see only yarn.lock, where is the package.json ? |
|
@upalatucci: This pull request references CNV-50977 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
upalatucci
changed the title
upalatucci
changed the title
upalatucci
changed the title
upalatucci
changed the title
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: metalice, upalatucci The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
📝 Description
upgrade css-loader to have min 8.4.31 in postcss. With this upgrade we'll use 8.4.49
upgrade webpack-cli, cypress, eslint and resolve-url-loader to have cross-spawn min 7.0.5. With the upgrade, we'll use 7.0.6