Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependencies - Resolve Dependabot alerts and maintenance #255

Merged
merged 2 commits into from
Jun 2, 2021
Merged

Dependencies - Resolve Dependabot alerts and maintenance #255

merged 2 commits into from
Jun 2, 2021

Conversation

mdial89f
Copy link
Contributor

@mdial89f mdial89f commented Jun 2, 2021
edited by dwhitestratiform
Loading

Purpose

This changeset resolves a current dependabot, as well as cleans up a previous fix for a Dependabot alert.

Linked Issues to Close

Administrators can view the Alerts addressed by this PR in the Security panel.
This is a continuation of #252 #236 and #252

Approach

The top level yarn lock file was regenerated to install latest packages, which resolved removed our need to add a yarn resolution for xmlhttprequest-ssl

The ui-src yarn lock was regenerated, resolving our (currently) last dependabot alert.

Learning

Referenced facebook/create-react-app#10762

Assorted Notes/Considerations

N/A

Pull Request Creator Checklist

  • This PR has an associated issue or issues.
  • The associated issue(s) are linked above.
  • This PR meets all acceptance criteria for those issues.
  • This PR and linked issue(s) are adequately documented
  • This PR and linked issues(s) are a complete description of the changeset; an individual or team should be able to understand the issue(s) and changes by reading through this PR and it's links, with no further interaction.
  • Someone has been assigned this PR.
  • At least one person has been marked as reviewer on this PR.

Pull Request Reviewer/Assignee Checklist

  • This PR has an associated issue or issues.
  • The associated issue(s) are linked above.
  • This PR meets all acceptance criteria for those issues.
  • This PR and linked issue(s) are adequately documented
  • This PR and linked issues(s) are a complete description of the changeset; an individual or team should be able to understand the issue(s) and changes by reading through this PR and it's links, with no further interaction.

@mdial89f mdial89f self-assigned this Jun 2, 2021
@mdial89f mdial89f added the dependencies Pull requests that update a dependency file label Jun 2, 2021
@mdial89f mdial89f changed the title Dependencies - Resolve single security alert Dependencies - Resolve Dependabot alerts and maintenance Jun 2, 2021
@mdial89f mdial89f merged commit 272b5c0 into master Jun 2, 2021
@mdial89f mdial89f deleted the depfindingstwo branch June 2, 2021 16:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dwhitestratiform dwhitestratiform dwhitestratiform approved these changes

Assignees

@mdial89f mdial89f

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mdial89f @dwhitestratiform