Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: cherry pick security fixes #8175

Merged
merged 1 commit into from
Sep 18, 2024
Merged

fix: cherry pick security fixes #8175

merged 1 commit into from
Sep 18, 2024

Conversation

gastonfournier
Copy link
Contributor

No description provided.

@vercel Vercel
Copy link

vercel bot commented Sep 18, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
unleash-monorepo-frontend ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 18, 2024 2:29pm
1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
unleash-docs ⬜️ Ignored (Inspect) Visit Preview Sep 18, 2024 2:29pm

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 18, 2024
edited
Loading

Dependency Review

The following issues were found:

  • ✅ 0 vulnerable package(s)
  • ❌ 9 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.

View full job summary

nunogois
nunogois approved these changes Sep 18, 2024
View reviewed changes
Copy link
Member

@nunogois nunogois left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's up with the failing check?

@gastonfournier
Copy link
Contributor Author

What's up with the failing check?

I have no idea, I was curious about the same because in main it works well: https://github.com/Unleash/unleash/actions/runs/10924175490/job/30322576604

I'll take a look

@gastonfournier
Copy link
Contributor Author

The thing is that both Apache 2.0 and MIT are accepted in our branch https://github.com/Unleash/unleash/blob/6.2/.github/workflows/dependency-review.yml#L20:
image

@gastonfournier
Copy link
Contributor Author

Also, the diff:

git diff origin/main -- yarn.lock package.json

diff --git a/package.json b/package.json
index d28284851..e9b6b6093 100644
--- a/package.json
+++ b/package.json
@@ -58,7 +58,6 @@
     "test:watch": "yarn test --watch",
     "test:coverage": "NODE_ENV=test PORT=4243 jest --coverage --testLocationInResults --outputFile=\"coverage/report.json\" --forceExit --testTimeout=10000",
     "test:coverage:jest": "NODE_ENV=test PORT=4243 jest --silent --ci --json --coverage --testLocationInResults --outputFile=\"report.json\" --forceExit --testTimeout=10000",
-    "test:updateSnapshot": "NODE_ENV=test PORT=4243 jest --updateSnapshot --testTimeout=10000",
     "seed:setup": "ts-node --compilerOptions '{\"strictNullChecks\": false}' src/test/e2e/seed/segment.seed.ts",
     "seed:serve": "UNLEASH_DATABASE_NAME=unleash_test UNLEASH_DATABASE_SCHEMA=seed yarn run start:dev",
     "clean": "del-cli --force dist",

@gastonfournier gastonfournier merged commit 453722b into 6.2 Sep 18, 2024
10 of 11 checks passed
@gastonfournier gastonfournier deleted the cherry-pick-security-fixes branch September 18, 2024 15:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nunogois nunogois nunogois approved these changes

Assignees

@gastonfournier gastonfournier

Labels
None yet
Projects
Issues and PRs
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gastonfournier @nunogois