Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Remove browser-echo-bot vulnerabilities #447

Closed

Conversation

JhontSouth
Copy link

@JhontSouth JhontSouth commented Jul 9, 2024

Addresses # 4684
#minor

Description

This PR updates the version of the package cssloader and adds a resolution to @microsoft/recognizers-text-number ^1.3.1 to avoid the vulnerabilities CVE-2023-44270 and CVE-2020-28500.

Specific Changes

  • Updated cssloader from ^3.0.0 to ^6.11.0.
  • Added resolution @microsoft/recognizers-text-number ^1.3.1 to remove use of lodash.trimend.

Testing

The following image shows the postcss version installed after the update.
image

@coveralls
Copy link

coveralls commented Jul 9, 2024

Pull Request Test Coverage Report for Build 9860905854

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 84.433%

Totals Coverage Status
Change from base Build 9845909867: 0.0%
Covered Lines: 20429
Relevant Lines: 22904

💛 - Coveralls

@JhontSouth
Copy link
Author

Promoted /4717

@JhontSouth JhontSouth closed this Jul 10, 2024
@JhontSouth JhontSouth deleted the southworks/fix/browser-echo-bot-vulnerabilities branch July 10, 2024 15:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants