Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update ua parser gs version to close security vulnerability #6189

Merged
merged 2 commits into from
Jul 24, 2023
Merged

Update ua parser gs version to close security vulnerability #6189

merged 2 commits into from
Jul 24, 2023

Conversation

alismx
Copy link
Collaborator

@alismx alismx commented Jul 21, 2023
edited
Loading

DEVOPS PULL REQUEST

Related Issue

Changes Proposed

  • Update ua parser gs to a version that is not vulnerable

Additional Info

  • This is prep for turning on dependabot security PRs.

Checklist for Primary Reviewer

Infrastructure

  • Consult the results of the terraform-plan job inside the "Terraform Checks" workflow run for this PR. Confirm that there are no unexpected changes!

Security

  • Changes with security implications have been approved by a security engineer (changes to authentication, encryption, handling of PII, etc.)
  • Any dependencies introduced have been vetted and discussed

Cloud

  • Oncall has been notified if this change is going in after-hours
  • If there are changes that cannot be tested locally, this has been deployed to our Azure test, dev, or pentest environment for verification

Documentation

  • Any changes to the startup configuration have been documented in the README

@alismx alismx temporarily deployed to Dev July 21, 2023 00:21 — with GitHub Actions Inactive
@alismx alismx marked this pull request as ready for review July 22, 2023 03:06
@alismx alismx requested review from zdeveloper, mehansen, rin-skylight, a team, BobanL and emyl3 and removed request for a team July 22, 2023 03:07
johanna-skylight
johanna-skylight approved these changes Jul 24, 2023
View reviewed changes
Copy link
Contributor

@johanna-skylight johanna-skylight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

emyl3
emyl3 approved these changes Jul 24, 2023
View reviewed changes
Copy link
Collaborator

@emyl3 emyl3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!!

@sonarcloud
Copy link

sonarcloud bot commented Jul 24, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@alismx alismx merged commit 7c022dd into main Jul 24, 2023
33 checks passed
@alismx alismx deleted the alis/security_update_usparsergs_0735 branch July 24, 2023 18:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emyl3 emyl3 emyl3 approved these changes

@fzhao99 fzhao99 fzhao99 approved these changes

@johanna-skylight johanna-skylight johanna-skylight approved these changes

@zdeveloper zdeveloper Awaiting requested review from zdeveloper

@mehansen mehansen Awaiting requested review from mehansen

@rin-skylight rin-skylight Awaiting requested review from rin-skylight

@BobanL BobanL Awaiting requested review from BobanL

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@alismx @emyl3 @fzhao99 @johanna-skylight