Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: audit vuln deps #332

Merged
merged 1 commit into from
Feb 17, 2025
Merged

fix: audit vuln deps #332

merged 1 commit into from
Feb 17, 2025

Conversation

peppescg
Copy link
Collaborator

No description provided.

@peppescg peppescg self-assigned this Feb 17, 2025
@stacklok-cloud-staging Stacklok Cloud (Staging)
Copy link

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of a0928ebb:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot requested changes Feb 17, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: hast

⚠️ Deprecated Package: This package is marked as archived. Proceed with caution!

Scoring details
Component Score
Package activity 6.4
Repository activity 4.2
User activity 8.6
Provenance unknown
Alternatives
Package Description
rehype

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot previously requested changes Feb 17, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: hast

⚠️ Deprecated Package: This package is marked as archived. Proceed with caution!

Scoring details
Component Score
Package activity 6.4
Repository activity 4.2
User activity 8.6
Provenance unknown

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 13368369035

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.06%) to 69.732%
Totals Coverage Status
Change from base Build 13366671808: 0.06%
Covered Lines: 838
Relevant Lines: 1144
💛 - Coveralls

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 13368371736

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.06%) to 69.732%
Totals Coverage Status
Change from base Build 13366671808: 0.06%
Covered Lines: 838
Relevant Lines: 1144
💛 - Coveralls

@peppescg peppescg merged commit 73c55a2 into main Feb 17, 2025
8 checks passed
@peppescg peppescg deleted the fix-vulns-deps branch February 17, 2025 10:45
@stacklokbot stacklokbot mentioned this pull request Feb 17, 2025
Merged
kantord pushed a commit that referenced this pull request Feb 17, 2025
@peppescg @kantord
fix: audit vuln deps (#332)
6463897
kantord added a commit that referenced this pull request Feb 17, 2025
@kantord @alex-mcgovern
@stacklokbot @dependabot @peppescg
feat: support PII on the dashboard (#326)
279fe57 
* test: make tabs-messages tests parametric

* filter table by pii alert type

* chore(main): release 0.16.0 (#325)

* chore(deps-dev): bump @types/react-dom from 19.0.2 to 19.0.3 (#330)

Bumps [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) from 19.0.2 to 19.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

---
updated-dependencies:
- dependency-name: "@types/react-dom"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: audit vuln deps (#332)

* implement pii summary icon

* add empty state for piiii

* add pii to conversation page

* fix type error

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Alex McGovern <[email protected]>
Co-authored-by: Stacklok Bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Giuseppe Scuglia <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alex-mcgovern alex-mcgovern alex-mcgovern approved these changes

@stacklok-cloud-staging stacklok-cloud-staging[bot] stacklok-cloud-staging[bot] left review comments

Assignees

@peppescg peppescg

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@peppescg @coveralls @alex-mcgovern