chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy #38775

izzythecubemaster · 2023-12-21T22:10:40Z

Description

vulnerability found through:
[email protected]> gatsby-cli@^5.13.0 -> clipboardy@^2.3.0 -> execa@^1.0.0

Solved by upgrading clipboardy to ^3.0.0

Reduced vulnerabilities found with yarn audit --groups dependencies from 227 to 225

Tests remain unaffected.

pieh

Thanks!

* Upgrade clipboardy from ^2.3.0 to ^3.0.0 to reduce vulns from 227 to 225 * use latest * use await import for clipboardy as it's esm-only package now --------- Co-authored-by: k <id> Co-authored-by: Michal Piechowiak <[email protected]> (cherry picked from commit ee158d9)

…38776) * Upgrade clipboardy from ^2.3.0 to ^3.0.0 to reduce vulns from 227 to 225 * use latest * use await import for clipboardy as it's esm-only package now --------- Co-authored-by: k <id> Co-authored-by: Michal Piechowiak <[email protected]> (cherry picked from commit ee158d9) Co-authored-by: Israel Montoya <[email protected]>

pieh · 2023-12-22T09:23:29Z

Successfully published:
 - [email protected]
 - [email protected]
 - [email protected]

Upgrade clipboardy from ^2.3.0 to ^3.0.0 to reduce vulns from 227 to 225

608ef61

gatsbot bot added the status: triage needed Issue or pull request that need to be triaged and assigned to a reviewer label Dec 21, 2023

pieh added type: maintenance An issue or pull request describing a change that isn't a bug, feature or documentation change and removed status: triage needed Issue or pull request that need to be triaged and assigned to a reviewer labels Dec 22, 2023

pieh added 2 commits December 22, 2023 07:26

use latest

97cb3fc

use await import for clipboardy as it's esm-only package now

9ddf948

pieh changed the title ~~Update to non vulnerable version of clipboardy for gatsby dependencies~~ chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy Dec 22, 2023

pieh approved these changes Dec 22, 2023

View reviewed changes

pieh added the bot: merge on green Gatsbot will merge these PRs automatically when all tests passes label Dec 22, 2023

pieh merged commit ee158d9 into gatsbyjs:master Dec 22, 2023
32 of 34 checks passed

gatsbybot mentioned this pull request Dec 22, 2023

chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy (#38775) #38776

Merged

This was referenced May 7, 2024

[Snyk] Upgrade gatsby from 5.0.0 to 5.13.4 X-oss-byte/gatsby-1#709

Open

[Snyk] Upgrade gatsby from 5.12.4 to 5.13.4 X-oss-byte/gatsby-1#710

Open

monizb mentioned this pull request May 8, 2024

[Snyk] Security upgrade gatsby-source-contentful from 2.3.56 to 8.13.2 monizb/gatsby#1452

Open

X-oss-byte mentioned this pull request Oct 17, 2024

[Snyk] Upgrade gatsby-plugin-sharp from 5.0.0 to 5.13.1 X-oss-byte/gatsby-1#923

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy #38775

chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy #38775

izzythecubemaster commented Dec 21, 2023

pieh left a comment

pieh commented Dec 22, 2023

chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy #38775

chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy #38775

Conversation

izzythecubemaster commented Dec 21, 2023

Description

pieh left a comment

Choose a reason for hiding this comment

pieh commented Dec 22, 2023