Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CVE] Improper input validation in PostCSS #1765

Merged

Conversation

@GowthamShanmugam
Copy link
Contributor Author

/cherry-pick release-4.18

@openshift-cherrypick-robot

@GowthamShanmugam: once the present PR merges, I will cherry-pick it on top of release-4.18 in a new PR and assign it to you.

In response to this:

/cherry-pick release-4.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@GowthamShanmugam
Copy link
Contributor Author

/cherry-pick release-4.18-compatibility

@openshift-cherrypick-robot

@GowthamShanmugam: once the present PR merges, I will cherry-pick it on top of release-4.18-compatibility in a new PR and assign it to you.

In response to this:

/cherry-pick release-4.18-compatibility

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Signed-off-by: Gowtham Shanmugasundaram <[email protected]>
Comment on lines 190 to +192
"tough-cookie": "^4.1.3",
"cross-spawn": "^7.0.6"
"cross-spawn": "^7.0.6",
"postcss": "^8.4.49"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Next time put them in alphabetical order, please.

@alfonsomthd
Copy link
Collaborator

/lgtm

Copy link
Contributor

openshift-ci bot commented Dec 12, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alfonsomthd, GowthamShanmugam

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [GowthamShanmugam,alfonsomthd]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 722bfba into red-hat-storage:master Dec 12, 2024
5 checks passed
@openshift-cherrypick-robot

@GowthamShanmugam: new pull request created: #1766

In response to this:

/cherry-pick release-4.18

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot

@GowthamShanmugam: new pull request created: #1767

In response to this:

/cherry-pick release-4.18-compatibility

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@GowthamShanmugam
Copy link
Contributor Author

release-4.17

@GowthamShanmugam
Copy link
Contributor Author

/cherry-pick release-4.17

@GowthamShanmugam
Copy link
Contributor Author

/cherry-pick release-4.17-compatibility

@openshift-cherrypick-robot

@GowthamShanmugam: #1765 failed to apply on top of branch "release-4.17":

Applying: Improper input validation in PostCSS
Using index info to reconstruct a base tree...
M	package.json
M	yarn.lock
Falling back to patching base and 3-way merge...
Auto-merging yarn.lock
CONFLICT (content): Merge conflict in yarn.lock
Auto-merging package.json
CONFLICT (content): Merge conflict in package.json
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 Improper input validation in PostCSS

In response to this:

/cherry-pick release-4.17

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot

@GowthamShanmugam: #1765 failed to apply on top of branch "release-4.17-compatibility":

Applying: Improper input validation in PostCSS
Using index info to reconstruct a base tree...
M	package.json
M	yarn.lock
Falling back to patching base and 3-way merge...
Auto-merging yarn.lock
CONFLICT (content): Merge conflict in yarn.lock
Auto-merging package.json
CONFLICT (content): Merge conflict in package.json
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 Improper input validation in PostCSS

In response to this:

/cherry-pick release-4.17-compatibility

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

GowthamShanmugam added a commit to GowthamShanmugam/odf-console that referenced this pull request Dec 16, 2024
Signed-off-by: Gowtham Shanmugasundaram <[email protected]>
openshift-merge-bot bot added a commit that referenced this pull request Dec 16, 2024
openshift-cherrypick-robot pushed a commit to openshift-cherrypick-robot/odf-console that referenced this pull request Dec 16, 2024
Signed-off-by: Gowtham Shanmugasundaram <[email protected]>
openshift-cherrypick-robot pushed a commit to openshift-cherrypick-robot/odf-console that referenced this pull request Dec 16, 2024
Signed-off-by: Gowtham Shanmugasundaram <[email protected]>
openshift-merge-bot bot added a commit that referenced this pull request Dec 16, 2024
…1772-to-release-4.18-compatibility

Bug DFBUGS-1168: [release-4.18-compatibility] Fix yarn.lock from: #1765
openshift-merge-bot bot added a commit that referenced this pull request Dec 16, 2024
…1772-to-release-4.18

Bug DFBUGS-1168: [release-4.18] Fix yarn.lock from: #1765
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants