New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(audit) Report vulnerabilities in workspace package dependencies #6639

Merged

arcanis merged 3 commits into yarnpkg:master from rally25rs:audit-workspace-6625

Nov 7, 2018

+141 −2

Commits on Nov 5, 2018

added failing test for yarnpkg#6625

rally25rs committed Nov 5, 2018

Copy the full SHA

3d3defd View commit details

Browse the repository at this point in the history
fix(audit): Add workspaceAggregator dependencies to root manifest to …
```
…be audited.

This change takes the packages that are included as part of the workspace and adds them to what is
sent to the npm audit api.

fixes yarnpkg#6625
```
rally25rs committed Nov 5, 2018
Copy the full SHA

fbc387b View commit details

Browse the repository at this point in the history
update changelog for PR 6639

rally25rs committed Nov 5, 2018

Copy the full SHA

5b6cedf View commit details

Browse the repository at this point in the history