Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dependencies: Run yarn upgrade before last Node release #276

Merged
merged 1 commit into from
Mar 27, 2020
Merged

dependencies: Run yarn upgrade before last Node release #276

merged 1 commit into from
Mar 27, 2020

Conversation

jwflory
Copy link
Member

@jwflory jwflory commented Mar 27, 2020

This commit bumps the dependencies for the NodeJS version of TeleIRC
v1.x.x to fix CVE-2020-7598:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598

This will be the final commit to master before cutting the v1.5.0
release. This will get us ready for The Big Merge™ sometime on Saturday,
when the go-port branch is merged to master.

I have not personally tested these changes, but I'd like to test them in
our TeleIRC developer chat before merging this commit.

@jwflory
📦 dependencies: Run yarn upgrade before last Node release
edae88a 
This commit bumps the dependencies for the NodeJS version of TeleIRC
v1.x.x to fix CVE-2020-7598:

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598

This will be the final commit to `master` before cutting the v1.5.0
release. This will get us ready for The Big Merge™ sometime on Saturday,
when the `go-port` branch is merged to `master`.

I have not personally tested these changes, but I'd like to test them in
our TeleIRC developer chat before merging this commit.

Signed-off-by: Justin W. Flory <git@jwf.io>
@jwflory jwflory added bug Something isn't working dependencies Pull requests that update a dependency file labels Mar 27, 2020
@jwflory jwflory requested a review from a team March 27, 2020 14:09
@jwflory jwflory self-assigned this Mar 27, 2020
@jwflory jwflory added this to the v1.3.4 milestone Mar 27, 2020
@jwflory
Copy link
Member Author

jwflory commented Mar 27, 2020

This is currently running in our developer channel. Everything seems to be working as expected. I think it is safe to merge this through and call the v1.x.x ~fin~. 🎉

kevinassogba
kevinassogba approved these changes Mar 27, 2020
View reviewed changes
Copy link
Member

@kevinassogba kevinassogba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noticing that it worked in the developer channel, I give it an approve. Good job! ++

@jwflory
Copy link
Member Author

jwflory commented Mar 27, 2020

In it goes. 😄 Going to prep the v1.3.4 release now.

@jwflory jwflory merged commit a774530 into RITlug:master Mar 27, 2020
@jwflory jwflory deleted the change/1.5.0-dep-bump branch March 27, 2020 14:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevinassogba kevinassogba kevinassogba approved these changes

Assignees

@jwflory jwflory

Labels
bug Something isn't working dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
v1.3.4
Development

Successfully merging this pull request may close these issues.
2 participants
@jwflory @kevinassogba