Skip to content

fix: upgrade @adobe/css-tools to 4.3.2 to address vulnerability#555

Closed
lernerb wants to merge 1 commit intotesting-library:mainfrom
lernerb:patch-1
Closed

fix: upgrade @adobe/css-tools to 4.3.2 to address vulnerability#555
lernerb wants to merge 1 commit intotesting-library:mainfrom
lernerb:patch-1

Conversation

@lernerb
Copy link
Copy Markdown

@lernerb lernerb commented Dec 5, 2023

What:
Per GitHub Advisory (GHSA-prr3-c3m5-p7q2), updating to 4.3.2 for all consumers of this package.

Why:
All consumers would have to do an audit fix and manually override to 4.3.2, this forces it for folks.

How:
Updates the package.json file to force one higher patch version that does not have the security issue.

Checklist:

  • Documentation
  • Tests
  • Updated Type Definitions
  • Ready to be merged

@lernerb
fix: upgrade @adobe/css-tools to 4.3.2 to address vulnerability
993ccec 
Per GitHub Advisory (GHSA-prr3-c3m5-p7q2), updating to 4.3.2 for all consumers of this package.
@lernerb lernerb mentioned this pull request Dec 5, 2023
Merged
4 tasks
@lernerb
Copy link
Copy Markdown
Author

lernerb commented Dec 5, 2023

Ah looks like someone beat me to this, i'll close this in favor of #553

@lernerb lernerb closed this Dec 5, 2023
@specialdoom specialdoom mentioned this pull request Dec 28, 2023
Merged
5 tasks
@specialdoom specialdoom mentioned this pull request Jan 26, 2024
Closed
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lernerb