-
Notifications
You must be signed in to change notification settings - Fork 392
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vulnerability fix: upgrade @adobe/css-tools to v4.3.2 #553
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at the changes made in the css-tools 4.3.2 commit (adobe/css-tools@1d90dea) their are no breaking changes.
Thus the suggested change from 4.3.1 to 4.3.2 causes no problem but does fix a vulnerability.
What is holding the team back from reviewing this PR and and having it merged? It's been 2 weeks already since it has been sent. |
Hey @nickmccurdy, hope your are doing well! Can we help here with something? |
This comment was marked as off-topic.
This comment was marked as off-topic.
Any updates on this? |
Is there something blocking you from merging and releasing this? |
Hey team, I know you all are probably very busy, but this PR looks a bit important since it's related with a security issue. Could any of you please merge this PR as soon as possible? cc @gnapse @nickmccurdy |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #553 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 27 27
Lines 668 668
Branches 252 254 +2
=========================================
Hits 668 668 ☔ View full report in Codecov by Sentry. |
🎉 This PR is included in version 6.1.6 🎉 The release is available on: Your semantic-release bot 📦🚀 |
What:
This PR bumps @adobe/css-tools to version 4.3.2
Why:
There is an existing advisory on version 4.3.1
GHSA-prr3-c3m5-p7q2
How:
Checklist: