Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): resolve 1 vulnerability on the package marked #89

Closed
wants to merge 4 commits into from
Closed

fix(deps): resolve 1 vulnerability on the package marked #89

wants to merge 4 commits into from

Conversation

ricnef2121
Copy link

resolve 1 vulnerability on the package marked, upgrade at the version 0.8.0

@ricnef2121
Copy link
Author

resolve 1 vulnerability on the package marked, upgrade at the version…

@ricnef2121
Copy link
Author

i have added the update to library marked, because there was in conflict like a vulnerability

ricnef2121
ricnef2121 commented Mar 3, 2020
View reviewed changes
Copy link
Author

@ricnef2121 ricnef2121 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i have added the new version of library marked since generate a new vulnerability so that it can work in storybook

@ricnef2121
Copy link
Author

i have been work for few minutes

armgabrielyan
armgabrielyan approved these changes Apr 16, 2020
View reviewed changes
Copy link

@armgabrielyan armgabrielyan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@AviVahl
Copy link

AviVahl commented Apr 18, 2020

@armgabrielyan this PR adds a package-lock.json, while the project uses yarn.lock. might want to decide on one of them, as yarn would warn on that other lock file.

@johannespfeiffer
Copy link
Contributor

What is the status of this PR? Is the only thing left to do to remove the package-lock.json?

@loreina
Copy link

loreina commented Jul 19, 2020

hey, is there an update on this PR?

jimmyandrade
jimmyandrade requested changes Oct 23, 2020
View reviewed changes
Copy link
Member

@jimmyandrade jimmyandrade left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ricnef2121 thanks for contributing.

[As @AviVahl commented] this PR adds a package-lock.json, while the project uses yarn.lock.
Please use yarn to apply updates to yarn.lock and remove package-lock.json file.

@jimmyandrade jimmyandrade added dependencies Pull requests that update a dependency file help wanted labels Oct 23, 2020
@jimmyandrade jimmyandrade changed the title resolve 1 vulnerability on the package marked, upgrade at the version… fix(deps): resolve 1 vulnerability on the package marked Oct 23, 2020
@jimmyandrade jimmyandrade mentioned this pull request Oct 29, 2020
Closed
@jimmyandrade jimmyandrade linked an issue Oct 30, 2020 that may be closed by this pull request
Current version of marked creates npm audit issue #78
Open
@johannespfeiffer johannespfeiffer mentioned this pull request Nov 10, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jimmyandrade jimmyandrade jimmyandrade requested changes

@armgabrielyan armgabrielyan armgabrielyan approved these changes

Assignees

@ricnef2121 ricnef2121

Labels
ci failed dependencies Pull requests that update a dependency file help wanted security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Current version of marked creates npm audit issue
7 participants
@ricnef2121 @AviVahl @johannespfeiffer @loreina @jimmyandrade @armgabrielyan @rlazcanoc