Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: LEAP-498, LEAP-500, LEAP-501, LEAP-503: Fix security vulnerabilities in the dependencies #5309

Merged
merged 7 commits into from
Jan 25, 2024
Merged

fix: LEAP-498, LEAP-500, LEAP-501, LEAP-503: Fix security vulnerabilities in the dependencies #5309

merged 7 commits into from
Jan 25, 2024

Conversation

juliosgarbi
Copy link
Contributor

PR fulfills these requirements

  • Commit message(s) and PR title follows the format [fix|feat|ci|chore|doc]: TICKET-ID: Short description of change made ex. fix: DEV-XXXX: Removed inconsistent code usage causing intermittent errors
  • Tests for the changes have been added/updated (for bug fixes/features)
  • Docs have been added/updated (for bug fixes/features)
  • Best efforts were made to ensure docs/code are concise and coherent (checked for spelling/grammatical errors, commented out code, debug logs etc.)
  • Self-reviewed and ran all changes on a local instance (for bug fixes/features)

Change has impacts in these area(s)

(check all that apply)

  • Product design
  • Backend (Database)
  • Backend (API)
  • Frontend

Describe the reason for change

This PR addresses security vulnerabilities identified in the dependencies of the project. The affected dependencies include jpeg-js, d3-color, merge, and diff. The primary goal is to ensure the security and stability of the application by applying necessary updates.

What does this fix?

By resolving these security vulnerabilities in the dependencies, this change significantly enhances the security and reliability of the project. It ensures that potential security threats and vulnerabilities are mitigated, providing a safer environment for users and data.

What libraries were added/updated?

"jpeg-js": "0.4.4"
"d3-color": "3.1.0"
"merge": "2.1.1"
"diff": "3.5.0"

@github-actions github-actions bot added the fix label Jan 19, 2024
@netlify Netlify
Copy link

netlify bot commented Jan 19, 2024
edited
Loading

Deploy Preview for heartex-docs canceled.

Name Link
🔨 Latest commit ec95d33
🔍 Latest deploy log https://app.netlify.com/sites/heartex-docs/deploys/65b267f653db1d0008b25374

@netlify Netlify
Copy link

netlify bot commented Jan 19, 2024
edited
Loading

Deploy Preview for label-studio-docs-new-theme canceled.

Name Link
🔨 Latest commit 8150b9e
🔍 Latest deploy log https://app.netlify.com/sites/label-studio-docs-new-theme/deploys/65aa72a7324a130008ed999b

@netlify Netlify
Copy link

netlify bot commented Jan 19, 2024
edited
Loading

Deploy Preview for label-studio-docs-new-theme canceled.

Name Link
🔨 Latest commit ec95d33
🔍 Latest deploy log https://app.netlify.com/sites/label-studio-docs-new-theme/deploys/65b267f6a24c8c0008ce1fd9

@juliosgarbi juliosgarbi changed the title fix: LEAP-498: Fix security issues on dependencies fix: LEAP-498, LEAP-500, LEAP-501, LEAP-503: Fix security issues on dependencies Jan 19, 2024
@juliosgarbi juliosgarbi changed the title fix: LEAP-498, LEAP-500, LEAP-501, LEAP-503: Fix security issues on dependencies fix: LEAP-498, LEAP-500, LEAP-501, LEAP-503: Fix security vulnerabilities in the dependencies Jan 19, 2024
@juliosgarbi juliosgarbi enabled auto-merge (squash) January 25, 2024 13:54
@juliosgarbi juliosgarbi merged commit 44e5f69 into develop Jan 25, 2024
23 of 25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yyassi-heartex yyassi-heartex yyassi-heartex approved these changes

@bmartel bmartel bmartel approved these changes

Assignees
No one assigned
Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@juliosgarbi @bmartel @yyassi-heartex @robot-ci-heartex