-
Notifications
You must be signed in to change notification settings - Fork 280
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do periodic security update (yarn audit) #1432
Comments
Adding: #1433 (babel-eslint) |
Adding: #1434 (react-dom) |
Adding: #1435 (lodash, again) |
Adding: #1436 (parallel-webpack) |
Adding: #1438 (sinon) |
Adding: #1440 (mocha) |
Adding: #1441 ( |
Adding: #1443 ( |
Adding: #1444 ( |
Adding: #1463 ( |
Adding: #1464 ( |
Adding: #1465 ( |
Adding: #1468 ( |
Adding: #1470 ( |
Adding: #1471 ( |
Adding: #1472 ( |
Adding: #1473 ( |
Adding: #1474 ( |
Adding: #1475 ( |
Adding: #1476 ( |
Adding: #1477 ( |
Adding: #1478 ( |
Adding: #1480 ( |
Adding: #1481 ( |
Similar to issues in other repos:
This issue will substitute these currently open dependabot PRs:
As always, will want to be extra careful with the node-sass update as it is very sensitive to NodeJS version in the environment.
Note that in this repo, too, we applied new config to limit Dependabot to one open PR at a time — it will still "spam" us, in the sense that if we close that PR it can open another, but at least we won't have up to 10 open PRs in the list at any one time.
More context on our policy here: https://github.com/liferay/liferay-frontend-guidelines/blob/master/general/security.md
The text was updated successfully, but these errors were encountered: