From ca6dc6e3aa5a91863c2a00d6953afc7c37f8f4f2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Aug 2024 15:06:30 +0000 Subject: [PATCH 1/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-STYLEDCOMPONENTS-3149924 --- package-lock.json | 16 ++++++++-------- package.json | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/package-lock.json b/package-lock.json index 236684e..b9a8245 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "rxjs": "^7.5.5", "single-spa": "^5.9.3", "single-spa-react": "^4.3.1", - "styled-components": "^5.3.5", + "styled-components": "^5.3.7", "twin.macro": "^2.8.2" }, "devDependencies": { @@ -12217,10 +12217,10 @@ } }, "node_modules/styled-components": { - "version": "5.3.5", - "resolved": "https://registry.npmjs.org/styled-components/-/styled-components-5.3.5.tgz", - "integrity": "sha512-ndETJ9RKaaL6q41B69WudeqLzOpY1A/ET/glXkNZ2T7dPjPqpPCXXQjDFYZWwNnE5co0wX+gTCqx9mfxTmSIPg==", - "hasInstallScript": true, + "version": "5.3.7", + "resolved": "https://registry.npmjs.org/styled-components/-/styled-components-5.3.7.tgz", + "integrity": "sha512-JL1b4A79OGqav4TxkrNsuuQfy6ZnrpyQx6hBDQ3Hd3JyuR2IQuVNBpF+FCEWFNZpN5hj+fhkaEVWteVJ18f0tw==", + "license": "MIT", "dependencies": { "@babel/helper-module-imports": "^7.0.0", "@babel/traverse": "^7.4.5", @@ -23024,9 +23024,9 @@ "requires": {} }, "styled-components": { - "version": "5.3.5", - "resolved": "https://registry.npmjs.org/styled-components/-/styled-components-5.3.5.tgz", - "integrity": "sha512-ndETJ9RKaaL6q41B69WudeqLzOpY1A/ET/glXkNZ2T7dPjPqpPCXXQjDFYZWwNnE5co0wX+gTCqx9mfxTmSIPg==", + "version": "5.3.7", + "resolved": "https://registry.npmjs.org/styled-components/-/styled-components-5.3.7.tgz", + "integrity": "sha512-JL1b4A79OGqav4TxkrNsuuQfy6ZnrpyQx6hBDQ3Hd3JyuR2IQuVNBpF+FCEWFNZpN5hj+fhkaEVWteVJ18f0tw==", "requires": { "@babel/helper-module-imports": "^7.0.0", "@babel/traverse": "^7.4.5", diff --git a/package.json b/package.json index f8aa866..98cdbf6 100644 --- a/package.json +++ b/package.json @@ -64,7 +64,7 @@ "rxjs": "^7.5.5", "single-spa": "^5.9.3", "single-spa-react": "^4.3.1", - "styled-components": "^5.3.5", + "styled-components": "^5.3.7", "twin.macro": "^2.8.2" }, "types": "dist/madie-madie-util.d.ts", From af09560ea28c6dbad94c16e815cebd131fd6a1ef Mon Sep 17 00:00:00 2001 From: riddhi-desai Date: Wed, 7 Aug 2024 11:25:49 -0400 Subject: [PATCH 2/2] update unit_test_coverage to use codecov token and update version for codecov action --- .github/workflows/unit_test_coverage.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/unit_test_coverage.yml b/.github/workflows/unit_test_coverage.yml index 1a7fece..f8cf494 100644 --- a/.github/workflows/unit_test_coverage.yml +++ b/.github/workflows/unit_test_coverage.yml @@ -96,7 +96,9 @@ jobs: with: name: coverage - name: Upload code coverage to Codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 with: file: lcov.info fail_ci_if_error: true + token: ${{ secrets.CODECOV_TOKEN }} # required + \ No newline at end of file