Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): fix security issue in prismjs dep #7493

Merged
merged 1 commit into from Sep 10, 2021
Merged

fix(security): fix security issue in prismjs dep #7493

merged 1 commit into from Sep 10, 2021

Conversation

char0n
Copy link
Member

@char0n char0n commented Sep 10, 2021
edited

Refs #7492

Description

react-syntax-highlighter@15.4.3 requires prismjs@~1.23.0 via refractor@3.3.1

Motivation and Context

Upgrade prismjs to version 1.24.0 or later due to security issues in earlier versions

My PR contains...

  • No code changes (src/ is unmodified: changes to documentation, CI, metadata, etc.)
  • Dependency changes (any modification to dependencies in package.json)
  • Bug fixes (non-breaking change which fixes an issue)
  • Improvements (misc. changes to existing features)
  • Features (non-breaking change which adds functionality)

My changes...

  • are breaking changes to a public API (config options, System API, major UI change, etc).
  • are breaking changes to a private API (Redux, component props, utility functions, etc.).
  • are breaking changes to a developer API (npm script behavior changes, new dev system dependencies, etc).
  • are not breaking changes.

Documentation

  • My changes do not require a change to the project documentation.
  • My changes require a change to the project documentation.
  • If yes to above: I have updated the documentation accordingly.

Automated tests

  • My changes can not or do not need to be tested.
  • My changes can and should be tested by unit and/or integration tests.
  • If yes to above: I have added tests to cover my changes.
  • If yes to above: I have taken care to cover edge cases in my tests.
  • All new and existing tests passed.

@char0n char0n added cat: security version: 3.x security vulnerability Security vulnerability detected by WhiteSource security fix Security fix generated by WhiteSource labels Sep 10, 2021
@char0n char0n self-assigned this Sep 10, 2021
@char0n char0n merged commit 2a1b710 into master Sep 10, 2021
@char0n char0n deleted the char0n/fix-prismjs-security branch September 13, 2021 11:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@char0n char0n

Labels
cat: security security fix Security fix generated by WhiteSource security vulnerability Security vulnerability detected by WhiteSource version: 3.x
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@char0n