Skip to content

fix: Upgrade path-to-regexp and find-my-way packages to latest version #4756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tracyboehrer merged 2 commits into from
Sep 26, 2024
Merged

fix: Upgrade path-to-regexp and find-my-way packages to latest version #4756

tracyboehrer merged 2 commits into from
Sep 26, 2024

Conversation

@ceciliaavila
Copy link
Collaborator

@ceciliaavila ceciliaavila commented Sep 24, 2024

#minor

Description

This PR fixes the vulnerabilities found with the path-to-regexp and find-my-way packages upgrading them to a safe version.

Specific Changes

  • Removed the old version of the path-to-regexp package from the yarn-lock file so the install resolves the safe version 1.9.0.
  • Added the safe version 8.2.2 of the find-my-way package to the resolutions section of the package.json file until restify publishes a new version with the patch.

Testing

These images show the safe versions of the packages being installed.
image

@ceciliaavila ceciliaavila requested a review from a team as a code owner September 24, 2024 17:03
@coveralls
Copy link

coveralls commented Sep 24, 2024
edited
Loading

Pull Request Test Coverage Report for Build 11018506415

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 85.349%
Totals Coverage Status
Change from base Build 10930026932: 0.0%
Covered Lines: 20433
Relevant Lines: 22910
💛 - Coveralls

@tracyboehrer tracyboehrer merged commit 7112170 into main Sep 26, 2024
@tracyboehrer tracyboehrer deleted the southworks/fix/vulnerability-issues branch September 26, 2024 18:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tracyboehrer tracyboehrer tracyboehrer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ceciliaavila @coveralls @tracyboehrer