Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependency bump #792

Merged

Conversation

AMoo-Miki
Copy link
Contributor

[CVE-2024-4067][CVE-2024-4068] Bump packages dependent on braces versions lower than 3.0.3:

  • braces from 3.0.2 to 3.0.3
  • micromatch from 4.0.4 to 4.0.7
  • picomatch from 2.3.0 to 2.3.1

Also bumped:

  • json11 from 1.0.4 to 1.1.2
  • graceful-fs from 4.2.8 to 4.2.10

Check List

  • New functionality includes testing.
    • All tests pass
  • Linter check was successfull - yarn run lint doesn't show any errors
  • Commits are signed per the DCO using --signoff
  • Changelog was updated.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

…ions lower than 3.0.3

Bumped:
* `braces` from 3.0.2 to 3.0.3
* `micromatch` from 4.0.4 to 4.0.7
* `picomatch` from 2.3.0 to 2.3.1

Also bumped:
* `json11` from 1.0.4 to 1.1.2
* `graceful-fs` from 4.2.8 to 4.2.10

Also patch-bumped the package to v2.9.1

Signed-off-by: Miki <[email protected]>
@AMoo-Miki AMoo-Miki force-pushed the bump-braces-micromatch-json11 branch from 6d1a695 to 9c70b18 Compare June 7, 2024 17:11
@nhtruong nhtruong merged commit 1564a3e into opensearch-project:main Jun 7, 2024
63 of 64 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants