Skip to content

Update cross-fetch; fixes dependabot vulnerability no. 4 #846

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 17, 2022
Merged

Update cross-fetch; fixes dependabot vulnerability no. 4 #846

merged 1 commit into from
Feb 17, 2022

Conversation

krivard
Copy link
Contributor

@krivard krivard commented Feb 16, 2022
edited
Loading

Prerequisites:

  • Unless it is a documentation hotfix it should be merged against the dev branch
  • Branch is up-to-date with the branch to be merged with, i.e. dev
  • Build is successful
  • Code is cleaned up and formatted

Summary

Cross-fetch was blocking a dependabot security update; this should fix it. Resulted from:

src/client/packaging/npm $ npm audit fix

@krivard krivard added the dependencies Pull requests that update a dependency file label Feb 16, 2022
@krivard krivard requested a review from sgratzl February 16, 2022 22:35
sgratzl
sgratzl approved these changes Feb 17, 2022
View reviewed changes
Copy link
Member

@sgratzl sgratzl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@krivard krivard merged commit 4d9be3c into dev Feb 17, 2022
@krivard krivard deleted the krivard/cross-fetch-update branch February 17, 2022 14:55
@krivard krivard mentioned this pull request Feb 24, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sgratzl sgratzl sgratzl approved these changes

Assignees

@sgratzl sgratzl

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@krivard @sgratzl