Skip to content

fix: address dev-dependency issues reported by npm audit #327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
karthiknadig merged 1 commit into from
Oct 28, 2024
Merged

fix: address dev-dependency issues reported by npm audit #327

karthiknadig merged 1 commit into from
Oct 28, 2024

Conversation

@hamirmahal
Copy link
Contributor

@hamirmahal hamirmahal commented Oct 26, 2024

Fixes #326

hamirmahal
hamirmahal commented Oct 26, 2024
View reviewed changes
Copy link
Contributor Author

@hamirmahal hamirmahal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Without this change

npm WARN deprecated [email protected]: CircularJSON is in maintenance only, flatted is its successor.
npm WARN deprecated [email protected]: postinstall-build's behavior is now built into npm! You should migrate off of postinstall-build and use the new `prepare` lifecycle script with npm 5.0.0 or greater.

added 472 packages, and audited 473 packages in 3s

93 packages are looking for funding
  run `npm fund` for details

1 high severity vulnerability

To address all issues, run:
  npm audit fix

@hamirmahal
Copy link
Contributor Author

hamirmahal commented Oct 26, 2024

With this change

$  npm install

up to date, audited 473 packages in 713ms

93 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

@karthiknadig karthiknadig changed the title fix: 1 high severity vulnerability fix: address dev-dependency issues reported by npm audit Oct 28, 2024
@karthiknadig karthiknadig added the debt Technical debt or repo cleanup label Oct 28, 2024
@karthiknadig karthiknadig self-assigned this Oct 28, 2024
@karthiknadig karthiknadig enabled auto-merge (squash) October 28, 2024 17:07
@vs-code-engineering vs-code-engineering bot added this to the November 2024 milestone Oct 28, 2024
@karthiknadig karthiknadig merged commit f4fd822 into microsoft:main Oct 28, 2024
22 checks passed
@hamirmahal hamirmahal deleted the fix/1-high-severity-vulnerability-in-dependencies branch October 29, 2024 04:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@karthiknadig karthiknadig karthiknadig approved these changes

@eleanorjboyd eleanorjboyd eleanorjboyd approved these changes

@anthonykim1 anthonykim1 Awaiting requested review from anthonykim1

Assignees

@karthiknadig karthiknadig

Labels

debt Technical debt or repo cleanup

Projects

None yet

Milestone

November 2024

Development

Successfully merging this pull request may close these issues.

Update dev-dependencies to newer versions to address any audit issues

3 participants

@hamirmahal @karthiknadig @eleanorjboyd