Skip to content
This repository has been archived by the owner on May 3, 2024. It is now read-only.

Update dependency moment to v2.29.2 (main) #617

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency moment to v2.29.2 (main) #617

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link
Contributor

@mend-for-github-com mend-for-github-com bot commented Apr 6, 2022
edited
Loading

This PR contains the following updates:

Package Type Update Change
moment (source) dependencies patch 2.29.1 -> 2.29.2

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.5 CVE-2022-24785 #616

Release Notes

moment/moment

v2.29.2

Compare Source

  • Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

  • If you want to rebase/retry this PR, click this checkbox.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Apr 6, 2022
@cla-bot
Copy link

cla-bot bot commented Apr 6, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

@cortx-admin
Copy link

Can one of the admins verify this patch?

@stale
Copy link

stale bot commented Apr 13, 2022

This issue/pull request has been marked as needs attention as it has been left pending without new activity for 4 days. Tagging @ajaysrivas @kupranay for appropriate assignment. Sorry for the delay & Thank you for contributing to CORTX. We will get back to you as soon as possible.

@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-moment-2.x branch from 1bea1af to e22a9b5 Compare April 26, 2022 16:16
@cla-bot
Copy link

cla-bot bot commented Apr 26, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ajaysrivas ajaysrivas Awaiting requested review from ajaysrivas

@kupranay kupranay Awaiting requested review from kupranay

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
needs-attention security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cortx-admin