Skip to content

chore: update dependency shelljs to ^0.8.5 #18079

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 3, 2024
Merged

chore: update dependency shelljs to ^0.8.5 #18079

merged 1 commit into from
Feb 3, 2024

Conversation

fasttime
Copy link
Member

@fasttime fasttime commented Feb 3, 2024

Prerequisites checklist

What is the purpose of this pull request? (put an "X" next to an item)

[ ] Documentation update
[ ] Bug fix (template)
[ ] New rule (template)
[ ] Changes an existing rule (template)
[ ] Add autofix to a rule
[ ] Add a CLI option
[ ] Add something to the core
[X] Other, please explain:

Upgrade a dependency's version range.

What changes did you make? (Give an overview)

Versions of shelljs before v.0.8.5 are affected by a high rated vulnerability. It's unlikely that anyone working with the ESLint repo has one of those older versions installed, but they are not automatically updated as long as they match the version range in package.json. This PR updates package.json to ensure that only shelljs ^0.8.5 is used.

NVD advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-0144

Is there anything you'd like reviewers to focus on?

@eslint-github-bot eslint-github-bot bot added the chore This change is not user-facing label Feb 3, 2024
@netlify Netlify
Copy link

netlify bot commented Feb 3, 2024
edited
Loading

Deploy Preview for docs-eslint canceled.

Name Link
🔨 Latest commit fae220b
🔍 Latest deploy log https://app.netlify.com/sites/docs-eslint/deploys/65be2ee04c0f4c0009e9ed43

@fasttime fasttime marked this pull request as ready for review February 3, 2024 12:22
@fasttime fasttime requested a review from a team as a code owner February 3, 2024 12:22
mdjermanovic
mdjermanovic approved these changes Feb 3, 2024
View reviewed changes
Copy link
Member

@mdjermanovic mdjermanovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@mdjermanovic mdjermanovic merged commit 8f06a60 into main Feb 3, 2024
@mdjermanovic mdjermanovic deleted the upgrade-shelljs branch February 3, 2024 12:51
@eslint-github-bot eslint-github-bot bot locked and limited conversation to collaborators Aug 2, 2024
@eslint-github-bot eslint-github-bot bot added the archived due to age This issue has been archived; please open a new issue for any further discussion label Aug 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@mdjermanovic mdjermanovic mdjermanovic approved these changes

Assignees

No one assigned

Labels

archived due to age This issue has been archived; please open a new issue for any further discussion chore This change is not user-facing

Projects

Triage
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fasttime @mdjermanovic