-
Notifications
You must be signed in to change notification settings - Fork 893
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE] Bump up axios to 1.7.2 to fix SNYK-JS-AXIOS-6144788 #7149
[CVE] Bump up axios to 1.7.2 to fix SNYK-JS-AXIOS-6144788 #7149
Conversation
Signed-off-by: Zilong Xia <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #7149 +/- ##
=======================================
Coverage 67.49% 67.49%
=======================================
Files 3468 3468
Lines 68363 68363
Branches 11110 11110
=======================================
Hits 46140 46140
Misses 19523 19523
Partials 2700 2700
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
The backport to
To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-7149-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 027122ef196fc958da1a565d6f2f4823d9e0ea44
# Push it to GitHub
git push --set-upstream origin backport/backport-7149-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.x Then, create a pull request where the |
…-project#7149) * [CVE] Bump up axios to 1.7.2 to fix SNYK-JS-AXIOS-6144788 Signed-off-by: Zilong Xia <[email protected]> * Changeset file for PR opensearch-project#7149 created/updated --------- Signed-off-by: Zilong Xia <[email protected]> Co-authored-by: opensearch-changeset-bot[bot] <154024398+opensearch-changeset-bot[bot]@users.noreply.github.com> (cherry picked from commit 027122e)
) * [CVE] Bump up axios to 1.7.2 to fix SNYK-JS-AXIOS-6144788 Signed-off-by: Zilong Xia <[email protected]> * Changeset file for PR #7149 created/updated --------- Signed-off-by: Zilong Xia <[email protected]> Co-authored-by: opensearch-changeset-bot[bot] <154024398+opensearch-changeset-bot[bot]@users.noreply.github.com> (cherry picked from commit 027122e) Co-authored-by: ZilongX <[email protected]>
Description
SNYK-JS-AXIOS-6144788
by bump upaxios
to1.7.2
Issues Resolved
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788
Changelog
1.7.2
Check List
yarn test:jest
yarn test:jest_integration