Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump fast-xml-parser #521

Merged
merged 2 commits into from
Aug 7, 2023
Merged

Bump fast-xml-parser #521

merged 2 commits into from
Aug 7, 2023

Conversation

kiskoza
Copy link
Contributor

@kiskoza kiskoza commented Jun 21, 2023

  • What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)

It's a security upgrade based on #518 . Dependabot did the version bump and then I fixed the tests.

  • What is the current behavior? (You can also link to an open issue here)

Currently there are a few CVEs asking for an upgrade of the fast-xml-parser package.

  • What is the new behavior (if this is a feature change)?

Based on the tests, it works as before, but without the security warnings.

@cristhian-bento
Copy link

this fixes #523... any ETA for this one? thanks!

@bsaphier
Copy link

Can someone please merge this and publish the updated package 🙏 🙏 🙏

@RTurek
Copy link

RTurek commented Jul 24, 2023

Any reason this can't get merged, maintainers? Many people need this update!

sethk4783
sethk4783 approved these changes Aug 7, 2023
View reviewed changes
Copy link
Contributor

@sethk4783 sethk4783 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sethk4783 sethk4783 merged commit 28096cf into filestack:master Aug 7, 2023
@RTurek
Copy link

RTurek commented Aug 7, 2023

THANK YOU! :)

@RTurek RTurek mentioned this pull request Aug 15, 2023
Closed
hemanth-3 added a commit that referenced this pull request Sep 29, 2023
@RatGabi @kiskoza
@dependabot @hemanth-3
Ensured resolveHost is idempotent (#531)
77aa3a8 
* Updated picker version v1.24.0

* Updated realease version and changelog

* Bump fast-xml-parser (#521)

* build(deps): bump fast-xml-parser from 3.16.0 to 4.2.4

Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 3.16.0 to 4.2.4.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix code after fast-xml-parser version bump

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Updated Changelog and version

* Ensured resolveHost is idempotent

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: SethK <[email protected]>
Co-authored-by: Zsolt Kozaroczy <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: hemanth-3 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sethk4783 sethk4783 sethk4783 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@kiskoza @cristhian-bento @bsaphier @RTurek @sethk4783