-
Notifications
You must be signed in to change notification settings - Fork 884
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
change geckodriver version to make consistency #2772
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9071,15 +9071,15 @@ gauge@~2.7.3: | |
strip-ansi "^3.0.1" | ||
wide-align "^1.1.0" | ||
|
||
geckodriver@^3.0.1: | ||
version "3.0.2" | ||
resolved "https://registry.yarnpkg.com/geckodriver/-/geckodriver-3.0.2.tgz#6bd69166a24859c5edbc6ece9868339378b6c97b" | ||
integrity sha512-GHOQzQnTeZOJdcdEXLuzmcRwkbHuei1VivXkn2BLyleKiT6lTvl0T7vm+d0wvr/EZC7jr0m1u1pBHSfqtuFuNQ== | ||
geckodriver@^3.0.2: | ||
version "3.2.0" | ||
Comment on lines
+9074
to
+9075
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is this intentional? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. yes, ^3.0.2 will fetch the latest patch version. though we only require 3.0.2 to solve the cve, there is no breaking changes. |
||
resolved "https://registry.yarnpkg.com/geckodriver/-/geckodriver-3.2.0.tgz#6b0a85e2aafbce209bca30e2d53af857707b1034" | ||
integrity sha512-p+qR2RKlI/TQoCEYrSuTaYCLqsJNni96WmEukTyXmOmLn+3FLdgPAEwMZ0sG2Cwi9hozUzGAWyT6zLuhF6cpiQ== | ||
dependencies: | ||
adm-zip "0.5.9" | ||
bluebird "3.7.2" | ||
got "11.8.5" | ||
https-proxy-agent "5.0.0" | ||
https-proxy-agent "5.0.1" | ||
tar "6.1.11" | ||
|
||
gensync@^1.0.0-beta.2: | ||
|
@@ -10102,10 +10102,10 @@ https-browserify@^1.0.0: | |
resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73" | ||
integrity sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM= | ||
|
||
https-proxy-agent@5.0.0, https-proxy-agent@^5.0.0: | ||
version "5.0.0" | ||
resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2" | ||
integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA== | ||
https-proxy-agent@5.0.1, https-proxy-agent@^5.0.0: | ||
version "5.0.1" | ||
resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz#c59ef224a04fe8b754f3db0063a25ea30d0005d6" | ||
integrity sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA== | ||
dependencies: | ||
agent-base "6" | ||
debug "4" | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably a tossup, but I think this goes under security.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the PR: #2397 that solves CVE. It is merged before we start updating CHANGLOG. This PR is just for consistency purpose which is brought in by a previous PR. Here are more details:
#2771
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we put it in security or bug? @joshuarrrr @AMoo-Miki
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lol, I changed my mind - since it's an after the fact cleanup, just put it under "Maintenance".