Do periodic security update (yarn audit) #1432
Comments
This was referenced Sep 8, 2020
|
Adding: #1433 (babel-eslint) |
|
Adding: #1434 (react-dom) |
|
Adding: #1435 (lodash, again) |
This was referenced Sep 15, 2020
|
Adding: #1436 (parallel-webpack) |
|
Adding: #1438 (sinon) |
|
Adding: #1440 (mocha) |
|
Adding: #1441 ( |
|
Adding: #1443 ( |
|
Adding: #1444 ( |
|
Adding: #1463 ( |
|
Adding: #1464 ( |
|
Adding: #1465 ( |
|
Adding: #1468 ( |
|
Adding: #1470 ( |
|
Adding: #1471 ( |
|
Adding: #1472 ( |
|
Adding: #1473 ( |
|
Adding: #1474 ( |
|
Adding: #1475 ( |
|
Adding: #1476 ( |
|
Adding: #1477 ( |
|
Adding: #1478 ( |
|
Adding: #1480 ( |
|
Adding: #1481 ( |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Similar to issues in other repos:
This issue will substitute these currently open dependabot PRs:
As always, will want to be extra careful with the node-sass update as it is very sensitive to NodeJS version in the environment.
Note that in this repo, too, we applied new config to limit Dependabot to one open PR at a time — it will still "spam" us, in the sense that if we close that PR it can open another, but at least we won't have up to 10 open PRs in the list at any one time.
More context on our policy here: https://github.com/liferay/liferay-frontend-guidelines/blob/master/general/security.md
The text was updated successfully, but these errors were encountered: