Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix dependency vulnerabilites #1723

Merged
merged 3 commits into from
Nov 17, 2023
Merged

Fix dependency vulnerabilites #1723

merged 3 commits into from
Nov 17, 2023

Conversation

MLobo1997
Copy link
Contributor

Description of proposed changes

The security score on Snyk is very low

Related issue(s)

Fixes # (issue)

Test plan

Checklist

Need help on these? Just ask!

  • I have read the CONTRIBUTING document.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • I have run tox -e complex and/or tox -e spark if appropriate.
  • All new and existing tests passed.

@MLobo1997 MLobo1997 marked this pull request as ready for review July 19, 2023 10:01
@MLobo1997 MLobo1997 marked this pull request as draft July 19, 2023 10:01
@bhancock8
Copy link
Member

Thanks for the requested dependency upgrades, @MLobo1997! We'll wait to approve until you mark this PR as no longer in draft, but then we'd be happy to merge in changes like these.

@MLobo1997
Copy link
Contributor Author

Hey @bhancock8, what's happened with the CI of this repo? There seem to be no longer any builds on circleci

@bhancock8 bhancock8 requested a review from fpoms July 20, 2023 16:07
@bhancock8
Copy link
Member

Hmm, interesting. 🤔 We'll take a look. Thanks for flagging @MLobo1997.

@MLobo1997
Copy link
Contributor Author

That would be great, thanks @bhancock8! If you need anything let me know. I'll polish this PR once the builds are back in place.

@bhancock8
Copy link
Member

bhancock8 commented Jul 23, 2023
edited
Loading

Sounds good. I see that we intentionally migrated from Travis to Circle back in Dec 2021 (#1685). Not sure where the Circle config file went though since then. @fpoms is going to take a look.

@fpoms
Copy link
Contributor

fpoms commented Jul 25, 2023

@MLobo1997 Thanks for flagging this—from what I can tell, there seems to be something amiss on the CircleCI side of things. I’ve contacted them and am working toward a resolution. Will update you when I’ve heard back!

@fpoms
Copy link
Contributor

fpoms commented Aug 1, 2023

@MLobo1997 Builds should be working again! The CircleCI auth keys had expired just recently, so CircleCI wasn't able to pickup the config. Let me know if it isn't working for you still.

@bhancock8 bhancock8 added the no-stale Auto-stale bot skips this issue label Aug 18, 2023
@github-actions GitHub Actions
Copy link

This pull request is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 7 days.

@bhancock8 bhancock8 marked this pull request as ready for review November 17, 2023 17:26
@bhancock8 bhancock8 self-requested a review November 17, 2023 17:26
bhancock8
bhancock8 approved these changes Nov 17, 2023
View reviewed changes
Copy link
Member

@bhancock8 bhancock8 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pretty straightforward bump of dependencies. Looks good to me!

@bhancock8 bhancock8 merged commit 7300db7 into snorkel-team:main Nov 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bhancock8 bhancock8 bhancock8 approved these changes

@fpoms fpoms Awaiting requested review from fpoms

Assignees
No one assigned
Labels
no-pr-activity no-stale Auto-stale bot skips this issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MLobo1997 @bhancock8 @fpoms