Skip to content

fix(build): bump version to avoid CVEs #772

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
diatrcz merged 1 commit into from
Nov 18, 2025
Merged

fix(build): bump version to avoid CVEs #772

diatrcz merged 1 commit into from
Nov 18, 2025
+5 −29

Conversation

@diatrcz
Copy link
Contributor

@diatrcz diatrcz commented Nov 17, 2025

Bumps every js-yaml to 4.1.1 to avoid CVEs.

@diatrcz diatrcz requested a review from pyrooka November 17, 2025 14:48
pyrooka
pyrooka approved these changes Nov 18, 2025
View reviewed changes
Copy link
Member

@pyrooka pyrooka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@diatrcz diatrcz merged commit bb85feb into main Nov 18, 2025
7 checks passed
@diatrcz diatrcz deleted the lt/fix-cve branch November 18, 2025 13:55
@ibm-devx-sdk
Copy link

ibm-devx-sdk commented Nov 26, 2025

🎉 This PR is included in version 1.37.6 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@ibm-devx-sdk
Copy link

ibm-devx-sdk commented Nov 28, 2025

🎉 This PR is included in version 1.33.4 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pyrooka pyrooka pyrooka approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@diatrcz @ibm-devx-sdk @pyrooka