Skip to content

fix: update vulnerable package

Rashaad Gray requested to merge slb/rg/update-vulnerable-package into master

Type of change

  • Bug Fix
  • Feature
  • Pipeline
  • Test
  • Documentation

Does this introduce a change in the core logic?

  • No
  • Yes

Does this introduce a change in the cloud provider implementation, if so which cloud?

  • AWS
  • Anthos
  • Azure
  • GCP
  • IBM

Does this follow conventional commits spec?

  • No
  • Yes

Have you set the target Milestone?

  • No
  • Yes

Have you set the no-detached-pipeline label?

  • No
  • Yes

Updates description?

Updates vulnerable package versions of micromatch & braces https://www.cve.org/CVERecord?id=CVE-2024-4067 https://www.cve.org/CVERecord?id=CVE-2024-4068

Merge request reports

Loading