chore(deps): upgrade decode-uri-component to >= 0.2.2 #2243
Assignees
Labels
dependencies
Pull requests that update a dependency file
good-first-issue
Good for newcomers
good-first-issue-400-expert
P1
Priority 1: Highest
Security
Related to existing or potential security vulnerabilities
Comments
petermetz
added
Security
|
Hi @petermetz , I would like to work on this ticket. Thank you. |
charellesandig
added a commit
to charellesandig/cactus
that referenced
this issue
Feb 20, 2023
…i#2243 Signed-off-by: charelle <[email protected]>
charellesandig
added a commit
to charellesandig/cactus
that referenced
this issue
Feb 23, 2023
…i#2243 Signed-off-by: charelle <[email protected]>
charellesandig
added a commit
to charellesandig/cactus
that referenced
this issue
Feb 23, 2023
…i#2243 Signed-off-by: charelle <[email protected]>
charellesandig
added a commit
to charellesandig/cactus
that referenced
this issue
Feb 23, 2023
…i#2243 Signed-off-by: charelle <[email protected]>
@charellesandig Thank you, assigning now! |
petermetz
pushed a commit
to charellesandig/cactus
that referenced
this issue
Mar 2, 2023
…i#2243 Signed-off-by: charelle <[email protected]>
|
Hi, I will be taking over this ticket from Charelle. |
@adrianbatuto You got it! |
petermetz
added
good-first-issue
petermetz
changed the title
petermetz
pushed a commit
to charellesandig/cactus
that referenced
this issue
Jul 24, 2023
Fixes hyperledger-cacti#2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
petermetz
pushed a commit
to charellesandig/cactus
that referenced
this issue
Aug 15, 2023
Fixes hyperledger-cacti#2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
petermetz
pushed a commit
to charellesandig/cactus
that referenced
this issue
Aug 17, 2023
Fixes hyperledger-cacti#2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
petermetz
pushed a commit
to charellesandig/cactus
that referenced
this issue
Aug 17, 2023
Fixes hyperledger-cacti#2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
petermetz
pushed a commit
that referenced
this issue
Aug 17, 2023
Fixes #2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
sandeepnRES
pushed a commit
to sandeepnRES/cacti
that referenced
this issue
Dec 21, 2023
Fixes hyperledger-cacti#2243 Co-authored-by: Peter Somogyvari <[email protected]> Signed-off-by: Peter Somogyvari <[email protected]> Signed-off-by: charelle.sandig <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The robot sent in a PR [1] to force the the transitive dependency upgrades via the lockfile without touching our actual dependencies, but we should follow-up to that by upgrading the direct dependencies as well so that in the event of the lock file getting wiped and recreated (which sometimes is necessary/hard to avoid) we won't fall back into having these vulnerabilities again.
[1] #2226
The text was updated successfully, but these errors were encountered: