Skip to content

Updates dependency cookie from ^0.5.0 to ^0.7.2 #1326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 9, 2024
Merged

Updates dependency cookie from ^0.5.0 to ^0.7.2 #1326

merged 4 commits into from
Oct 9, 2024

Conversation

fsmeier
Copy link
Contributor

@fsmeier fsmeier commented Oct 8, 2024

Resolves #1325

See GHSA-pxg6-pf52-xh8x for more information

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Oct 8, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 23a1df4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 14 packages
Name Type
@keystatic/core Patch
@keystatic/astro Patch
@keystar/docs Patch
@example/astro-content Patch
@example/astro Patch
@example/localization Patch
@example/next-app Patch
@example/next-block-builder Patch
@example/next-pages Patch
@keystatic/remix-test-app Patch
keystatic-docs Patch
@keystatic/templates-astro Patch
@keystatic/templates-nextjs Patch
@keystatic/templates-remix Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

emmatown
emmatown approved these changes Oct 9, 2024
View reviewed changes
Copy link
Member

@emmatown emmatown left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updating this is fine but I just want to note that this never caused a vulnerability in Keystatic

@emmatown emmatown marked this pull request as ready for review October 9, 2024 01:05
@emmatown emmatown merged commit 6d7fae2 into Thinkmill:main Oct 9, 2024
5 checks passed
@github-actions github-actions bot mentioned this pull request Oct 9, 2024
Merged
@fsmeier
Copy link
Contributor Author

fsmeier commented Oct 9, 2024
edited
Loading

Updating this is fine but I just want to note that this never caused a vulnerability in Keystatic

oh yes, I agree, just the security checks were complaining for us :D so I wanted to get rid of it. Thx for merging

@fsmeier
Copy link
Contributor Author

fsmeier commented Oct 9, 2024

Lol, between my PR and your processing there was even a new release of cookie :D thx for directly updating it

@fsmeier
Copy link
Contributor Author

fsmeier commented Oct 9, 2024

What needs to be done to have a new tag available for these two packages?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emmatown emmatown emmatown approved these changes

@simonswiss simonswiss Awaiting requested review from simonswiss

@BarnabyBishop BarnabyBishop Awaiting requested review from BarnabyBishop BarnabyBishop is a code owner

@JedWatson JedWatson Awaiting requested review from JedWatson JedWatson is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CVE-2024-47764

2 participants

@fsmeier @emmatown