Skip to content

fix(dev-deps): parcel vunlerabilities #3586

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jsjoeio merged 2 commits into from
Jun 9, 2021
Merged

fix(dev-deps): parcel vunlerabilities #3586

jsjoeio merged 2 commits into from
Jun 9, 2021

Conversation

@jsjoeio
Copy link
Contributor

@jsjoeio jsjoeio commented Jun 9, 2021

This fixes a couple vulnerabilities introduced by parcel.

Checklist

  • updated CHANGELOG.md

@jsjoeio jsjoeio requested a review from a team as a code owner June 9, 2021 21:00
@jsjoeio jsjoeio force-pushed the jsjoeio/upgrade-parcel branch from 22f4f66 to 60f9ec2 Compare June 9, 2021 21:00
@jsjoeio jsjoeio force-pushed the jsjoeio/fix-parcel-vunlerabilities branch from 28c3612 to 59d1097 Compare June 9, 2021 21:01
@jsjoeio jsjoeio self-assigned this Jun 9, 2021
@jsjoeio jsjoeio added the security Security related label Jun 9, 2021
@jsjoeio jsjoeio added this to the 3.11.0 milestone Jun 9, 2021
jawnsy
jawnsy approved these changes Jun 9, 2021
View reviewed changes
Copy link

@jawnsy jawnsy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes seem reasonable to me!

package.json
"safe-buffer": "^5.1.1",
"vfile-message": "^2.0.2"
"vfile-message": "^2.0.2",
"parcel/@parcel/config-default/@parcel/optimizer-cssnano/cssnano/cssnano-preset-default/postcss-svgo/svgo/css-select/css-what": "5.0.1",
Copy link

@jawnsy jawnsy Jun 9, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we forced to do this because we can't update parcel?

Copy link
Contributor Author

@jsjoeio jsjoeio Jun 9, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well we're updating parcel to v2 in #3578 but it doesn't have the fixes either 😅 AFAICT so this is the only solution.

@jsjoeio jsjoeio mentioned this pull request Jun 9, 2021
Closed
1 task
@jsjoeio jsjoeio merged commit fc075ce into jsjoeio/upgrade-parcel Jun 9, 2021
@jsjoeio jsjoeio deleted the jsjoeio/fix-parcel-vunlerabilities branch June 9, 2021 21:05
@jsjoeio jsjoeio mentioned this pull request Jun 9, 2021
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@jawnsy jawnsy jawnsy approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@jsjoeio jsjoeio

Labels

security Security related

Projects

None yet

Milestone

3.11.0

Development

Successfully merging this pull request may close these issues.

2 participants

@jsjoeio @jawnsy