Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Upgrade cookie dependency to latest version #4771

Merged
merged 1 commit into from
Oct 29, 2024

Conversation

ceciliaavila
Copy link
Collaborator

#minor

Description

This PR fixes the CWE-72 weakness found in the cookie package by upgrading it to a safe version.

Specific Changes

  • Updated the yarn.lock file, removing the old version of the express and swagger-cilent packages so the safe version could be resolved when reinstalling.

Testing

This image shows the safe version of the cookie package installed.
image

@ceciliaavila ceciliaavila requested a review from a team as a code owner October 16, 2024 19:00
@coveralls
Copy link

coveralls commented Oct 16, 2024

Pull Request Test Coverage Report for Build 11372125668

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 85.242%

Totals Coverage Status
Change from base Build 11237135309: 0.0%
Covered Lines: 20444
Relevant Lines: 22942

💛 - Coveralls

@tracyboehrer tracyboehrer merged commit 6ef8274 into main Oct 29, 2024
13 checks passed
@tracyboehrer tracyboehrer deleted the southworks/update/cookie-issue branch October 29, 2024 14:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants