Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update ws #1888

Merged
merged 1 commit into from
Sep 28, 2024
Merged

chore: update ws #1888

merged 1 commit into from
Sep 28, 2024

Conversation

mstruebing
Copy link
Member

Update ws to version 8.18 because of a security vulnerability and npm dependencies to latest versions according to our version constraints.

@mstruebing mstruebing self-assigned this Sep 26, 2024
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Sep 26, 2024
@brendandburns
Copy link
Contributor

This has a ton of updates to package-lock. Are these all related to the ws update?

I would have thought that dependabot would be keeping everything up to date.

@mstruebing
Copy link
Member Author

They are not all related to ws - I ran npm update as well.
If you would feel better with only the ws update i will update the PRs accordingly.

@k8s-ci-robot k8s-ci-robot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Sep 26, 2024
@mstruebing mstruebing changed the title chore: update ws and run npm update chore: update ws Sep 26, 2024
@mstruebing
Copy link
Member Author

@brendandburns I've updated both PRs to only update ws withour running npm update.

I would also have thought that dependabot will take care but it since quite a while since this appeared I've decided to do it manually.

@brendandburns
Copy link
Contributor

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 28, 2024
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: brendandburns, mstruebing

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [brendandburns,mstruebing]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 7f50e00 into master Sep 28, 2024
7 checks passed
@Omrisnyk Omrisnyk mentioned this pull request Oct 15, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brendandburns brendandburns Awaiting requested review from brendandburns

@davidgamero davidgamero Awaiting requested review from davidgamero

Assignees

@brendandburns brendandburns

@mstruebing mstruebing

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mstruebing @brendandburns @k8s-ci-robot