Skip to content

Update dependencies: tar and ansi-regex #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 3, 2021
Merged

Conversation

edhzsz
Copy link
Contributor

@edhzsz edhzsz commented Oct 20, 2021

Description of changes:

These current versions of these dependencies have reports of
vulnerabilities. Both are transient development dependencies
and are used only during transpiling the Typescript files, or during
linting.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

These current versions of these dependencies have reports of
vulnerabilities. Both are transient development dependencies
and are used only during transpiling the Typescript files, or during
linting.
"requires": true,
"packages": {
"": {
"name": "aws-lambda-ric",
"version": "1.1.0",
"version": "2.0.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this an expected change?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, 2.0.0 is the current version of this library.

@@ -7506,6 +7624,14 @@
"minipass": "^3.1.1"
}
},
"string_decoder": {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a new dependency, expected?

Copy link
Contributor Author

@edhzsz edhzsz Oct 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not a new dependency. This package depends on it already.

It is unexpected that shows as new dependency, but the lockfileVersion changed so I assume this is the result of it.

@carlzogh carlzogh merged commit c31c41f into aws:main Nov 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants