Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: pin colors@1.4.0 to fix security vuln #4229

Merged
merged 1 commit into from Jan 10, 2022
Merged

fix: pin colors@1.4.0 to fix security vuln #4229

merged 1 commit into from Jan 10, 2022

Conversation

mannyluvstacos
Copy link
Contributor

A Security Vuln was identified in the Colors package for >1.4.0, offending packages being 1.4.1, 1.4.44-liberty

This PR pins the color package to 1.4.0 as advised on the snyk page

  • Links to documentation:
  • Link to GitHub or NPM:
  • Type of contribution: new definition | addition | fix | refactor

Other notes:

@gantoine
Copy link
Member

gantoine commented Jan 10, 2022
edited

Thanks for the PR @mannyluvstacos, once I've verified the pin works we'll release a new version (most likely this evening)

@gantoine gantoine merged commit ae85c29 into flow-typed:master Jan 10, 2022
@mannyluvstacos
Copy link
Contributor Author

Thanks for the PR @mannyluvstacos, once I've verified the pin works we'll release a new version (most likely this evening)

You're most welcome @gantoine ! I am glad I was able to contribute.
🤞🏽 hopefully the verification goes without event!

@gantoine
Copy link
Member

@mannyluvstacos 3.6.1 has just been released with your fix, thanks again for the super quick PR!

@westeezy westeezy mentioned this pull request Jan 10, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gantoine gantoine gantoine approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mannyluvstacos @gantoine