Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix vln CVE 2021 23337 #3003

Merged
merged 10 commits into from
May 10, 2024
Merged

Fix vln CVE 2021 23337 #3003

merged 10 commits into from
May 10, 2024

Conversation

PavelMor25
Copy link
Contributor

Purpose

Approach

References

https://github.com/DevExpress/testcafe-hammerhead/security/dependabot/39

Pre-Merge TODO

  • Write tests for your proposed changes
  • Make sure that existing tests do not fail

dependabot bot and others added 9 commits December 1, 2023 05:28
@dependabot
build(deps): bump @adobe/css-tools from 4.3.1 to 4.3.2
3385ccc 
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.3.1 to 4.3.2.
- [Changelog](https://github.com/adobe/css-tools/blob/main/History.md)
- [Commits](https://github.com/adobe/css-tools/commits)

---
updated-dependencies:
- dependency-name: "@adobe/css-tools"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@PavelMor25
Merge branch 'dependabot/npm_and_yarn/adobe/css-tools-4.3.2' of https…
cc4de39 
…://github.com/DevExpress/testcafe-hammerhead
@PavelMor25
Merge branch 'master' of https://github.com/DevExpress/testcafe-hamme…
11d971e 
…rhead
@PavelMor25
Merge branch 'master' of https://github.com/DevExpress/testcafe-hamme…
cb33027 
…rhead
@PavelMor25
Merge branch 'master' of https://github.com/DevExpress/testcafe-hamme…
54429b5 
…rhead
@dependabot
build(deps-dev): bump express from 4.18.2 to 4.19.2
4ee78f0 
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@PavelMor25
Merge branch 'dependabot/npm_and_yarn/express-4.19.2' of https://gith…
15dd4db 
…ub.com/DevExpress/testcafe-hammerhead
@PavelMor25
Merge branch 'master' of https://github.com/DevExpress/testcafe-hamme…
afeabb0 
…rhead
@PavelMor25
build: fix vln CVE-2021-23337
b3391a5
@Aleksey28 Aleksey28 requested a review from Bayheck May 10, 2024 09:33
@Aleksey28 Aleksey28 merged commit 6fae96f into DevExpress:master May 10, 2024
9 checks passed
@github-actions GitHub Actions
Copy link

Release v31.7.2 addresses this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Aleksey28 Aleksey28 Aleksey28 approved these changes

@Bayheck Bayheck Bayheck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@PavelMor25 @Aleksey28 @Bayheck