Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 1.3] [1.x] Updating dependencies to resolve CVE #555

Merged
merged 1 commit into from
Dec 1, 2022
Merged

[Backport 1.3] [1.x] Updating dependencies to resolve CVE #555

merged 1 commit into from
Dec 1, 2022

Conversation

opensearch-trigger-bot[bot]
Copy link
Contributor

Backport 1bb2ba4 from #554

@rupal-bq @github-actions
[1.x] Updating dependencies to resolve CVE (#554)
8c57aa3 
* upgrade loader-utils for CVE-2022-37601

Signed-off-by: Rupal Mahajan <[email protected]>

* Update async for CVE-2021-43138

Signed-off-by: Rupal Mahajan <[email protected]>

* Fix cross-fetch for CVE-2022-1365

Signed-off-by: Rupal Mahajan <[email protected]>

* Fix for CVE-2022-37599, CVE-2022-37603

Signed-off-by: Rupal Mahajan <[email protected]>

* Update terser for CVE-2022-25858

Signed-off-by: Rupal Mahajan <[email protected]>

* Update minimatch for CVE-2022-3517

Signed-off-by: Rupal Mahajan <[email protected]>

* Update moment for CVE-2022-24785

Signed-off-by: Rupal Mahajan <[email protected]>

* Update jsdom for CVE-2021-20066

Signed-off-by: Rupal Mahajan <[email protected]>

* Update execa for GMS-2020-2

Signed-off-by: Rupal Mahajan <[email protected]>

* Update qs for CVE-2022-24999

Signed-off-by: Rupal Mahajan <[email protected]>

* Update moment for CVE-2022-31129

Signed-off-by: Rupal Mahajan <[email protected]>

Signed-off-by: Rupal Mahajan <[email protected]>
(cherry picked from commit 1bb2ba4)
@opensearch-trigger-bot opensearch-trigger-bot bot requested a review from a team as a code owner December 1, 2022 04:26
@codecov-commenter
Copy link

codecov-commenter commented Dec 1, 2022
edited
Loading

Codecov Report

Merging #555 (1bb2ba4) into 1.3 (59edfa8) will not change coverage.
The diff coverage is 78.52%.

❗ Current head 1bb2ba4 differs from pull request most recent head 8c57aa3. Consider uploading reports for the commit 8c57aa3 to get more accurate results

@@            Coverage Diff            @@
##                1.3     #555   +/-   ##
=========================================
  Coverage     74.35%   74.35%           
  Complexity      383      383           
=========================================
  Files            94       94           
  Lines          3969     3969           
  Branches        612      612           
=========================================
  Hits           2951     2951           
  Misses          884      884           
  Partials        134      134
Flag Coverage Δ
dashboards-reports 77.06% <78.52%> (ø)
reports-scheduler 71.83% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...main/__tests__/__utils__/main_utils_test_utils.tsx 100.00% <ø> (ø)
...ions/report_settings/report_settings_constants.tsx 100.00% <ø> (ø)
.../report_definitions/report_settings/time_range.tsx 51.64% <ø> (ø)
...itions/report_trigger/report_trigger_constants.tsx 100.00% <ø> (ø)
...ublic/components/report_definitions/utils/index.ts 100.00% <ø> (ø)
...shboards-reports/public/components/utils/utils.tsx 75.00% <ø> (ø)
dashboards-reports/server/model/backendModel.ts 100.00% <ø> (ø)
dashboards-reports/server/model/index.ts 72.22% <ø> (ø)
dashboards-reports/test/propsMock.js 100.00% <ø> (ø)
...nsearch/reportsscheduler/metrics/BasicCounter.java 44.44% <ø> (ø)
... and 103 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@rupal-bq rupal-bq merged commit 411590f into 1.3 Dec 1, 2022
@github-actions github-actions bot deleted the backport/backport-554-to-1.3 branch December 1, 2022 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rupal-bq rupal-bq rupal-bq approved these changes

@joshuali925 joshuali925 joshuali925 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@codecov-commenter @joshuali925 @rupal-bq