Upgrade package parse-url to fix the security issue #3337

Danieladu · 2021-02-23T02:20:06Z

Description

Package url-parser with version 1.5.0 has a security issue.
Upgrade to 1.5.1

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-27515

coveralls · 2021-02-23T02:34:37Z

Pull Request Test Coverage Report for Build 593994083

0 of 0 changed or added relevant lines in 0 files are covered.
No unchanged relevant lines lost coverage.
Overall coverage increased (+0.05%) to 84.885%

Totals
Change from base Build 585712775:	0.05%
Covered Lines:	18590
Relevant Lines:	20883

💛 - Coveralls

joshgummersall · 2021-02-23T21:51:12Z

@Danieladu I reverted changes to private (unpublished) packages to unblock the tests. We can upgrade those packages one the streaming E2E test is working again.

* update package parse-url * Revert changes to private packages Co-authored-by: Josh Gummersall <jgummersall@microsoft.com>

* update package parse-url * Revert changes to private packages Co-authored-by: Josh Gummersall <jgummersall@microsoft.com> Co-authored-by: Hongyang Du (hond) <hond@microsoft.com>

update package parse-url

29e2ef1

Danieladu requested review from joshgummersall, stevengum and a team as code owners February 23, 2021 02:20

joshgummersall approved these changes Feb 23, 2021

View reviewed changes

Revert changes to private packages

32760f7

joshgummersall merged commit 875d1f7 into main Feb 23, 2021

joshgummersall deleted the hond/upgrade-url-parse branch February 23, 2021 22:07

joshgummersall pushed a commit that referenced this pull request Feb 23, 2021

Upgrade package parse-url to fix the security issue (#3337)

c5e5fe3

* update package parse-url * Revert changes to private packages Co-authored-by: Josh Gummersall <jgummersall@microsoft.com>

joshgummersall mentioned this pull request Feb 23, 2021

(4.12) cherrypick: #3337 #3338

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade package parse-url to fix the security issue #3337

Upgrade package parse-url to fix the security issue #3337

Danieladu commented Feb 23, 2021

coveralls commented Feb 23, 2021 •

edited

Loading

joshgummersall commented Feb 23, 2021

Upgrade package parse-url to fix the security issue #3337

Upgrade package parse-url to fix the security issue #3337

Conversation

Danieladu commented Feb 23, 2021

Description

coveralls commented Feb 23, 2021 • edited Loading

Pull Request Test Coverage Report for Build 593994083

💛 - Coveralls

joshgummersall commented Feb 23, 2021

coveralls commented Feb 23, 2021 •

edited

Loading