Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix GHSA-h726-x36v-rx45 #16485

Merged
merged 12 commits into from
Jul 19, 2022
Merged

Fix GHSA-h726-x36v-rx45 #16485

merged 12 commits into from
Jul 19, 2022

Conversation

tintse-thxsky-MSFT
Copy link
Contributor

@tintse-thxsky-MSFT tintse-thxsky-MSFT commented Jun 23, 2022
edited
Loading

Task name: Tasks/Common/packaging-common/package.json

Description: Fix GHSA-h726-x36v-rx45. Since the root dependency that uses lodash, ip-address, is no longer being used anywhere in packaging-common, I decided to remove "ip-address" from package.json

Documentation changes required: N

Added unit tests: N

Attached related issue: GHSA-h726-x36v-rx45

Checklist:

  • Task version was bumped - please check instruction how to do it
  • Checked that applied changes work as expected

@satbai
Copy link
Contributor

satbai commented Jun 30, 2022

Make sure you bump the version of the tasks that use packaging-common
https://github.com/microsoft/azure-pipelines-tasks/tree/master/docs/taskversionbumping.md

@ghost
Copy link

ghost commented Jul 12, 2022
edited by ghost
Loading

CLA assistant check
All CLA requirements met.

@mpodriezov
Copy link
Contributor

/azp

@azure-pipelines
Copy link

Supported commands
  • help:
    • Get descriptions, examples and documentation about supported commands
    • Example: help "command_name"
  • list:
    • List all pipelines for this repository using a comment.
    • Example: "list"
  • run:
    • Run all pipelines or specific pipelines for this repository using a comment. Use this command by itself to trigger all related pipelines, or specify specific pipelines to run.
    • Example: "run" or "run pipeline_name, pipeline_name, pipeline_name"
  • where:
    • Report back the Azure DevOps orgs that are related to this repository and org
    • Example: "where"

See additional documentation.

@mpodriezov
Copy link
Contributor

/azp run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 4 pipeline(s).

satbai
satbai approved these changes Jul 18, 2022
View reviewed changes
Copy link
Contributor

@satbai satbai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@tintse-thxsky-MSFT tintse-thxsky-MSFT merged commit 757e752 into microsoft:master Jul 19, 2022
@tintse-thxsky-MSFT tintse-thxsky-MSFT deleted the Microsoft/user/tintse/lodash branch July 19, 2022 18:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@satbai satbai satbai approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tintse-thxsky-MSFT @satbai @mpodriezov