Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix security alert "Upgrade dot-prop to version 5.1.1 or later" #2601

Merged
merged 3 commits into from
Aug 4, 2020
Merged

Fix security alert "Upgrade dot-prop to version 5.1.1 or later" #2601

merged 3 commits into from
Aug 4, 2020

Conversation

dpatil-magento
Copy link
Contributor

Description

TODO: Describe your changes in detail here.

Related Issue

Closes #ISSUE_NUMBER.

Acceptance

Verification Stakeholders

Specification

Verification Steps

  1. bash docker/run-docker should work

Screenshots / Screen Captures (if appropriate)

Checklist

  • I have added tests to cover my changes, if necessary.
  • I have updated the documentation accordingly, if necessary.

@dpatil-magento dpatil-magento mentioned this pull request Aug 3, 2020
Closed
1 task
@PWAStudioBot
Copy link
Contributor

PWAStudioBot commented Aug 3, 2020
edited
Loading

Fails
🚫 Missing information in PR. Please fill out the "Description" section.
🚫

No linked issue found. Please link a relevant open issue by adding the text "closes #<issue_number>" or "closes JIRA-<issue_number>" in your PR.
Warnings
⚠️ Found the word "TODO" in the PR description. Just letting you know incase you forgot :)
Messages
📖

Access a deployed version of this PR here. Make sure to wait for the "pwa-pull-request-deploy" job to complete.
📖 DangerCI Failures related to missing labels/description/linked issues/etc will persist until the next push or next nightly build run (assuming they are fixed).

If your PR is missing information, check against the original template here. At a minimum you must have the section headers from the template and provide some information in each section.

Generated by 🚫 dangerJS against 95b8468

@jimbo jimbo added the version: Patch This changeset includes backwards compatible bug fixes. label Aug 3, 2020
jimbo
jimbo previously approved these changes Aug 3, 2020
View reviewed changes
@devops-pwa-codebuild
Copy link
Collaborator

devops-pwa-codebuild commented Aug 3, 2020
edited
Loading

Performance Test Results

The following fails have been reported by WebpageTest. These numbers indicates a possible performance issue with the PR which requires further manual testing to validate.

https://pr-2601.pwa-venia.com : LH Performance Expected 0.85 Actual 0.34, LH Accessibility Expected 1 Actual 0.97, LH Best Practices Expected 1 Actual 0.92, WPT Cache Expected 90 Actual 39.333333333333
https://pr-2601.pwa-venia.com/venia-tops.html : LH Performance Expected 0.75 Actual 0.34, LH Best Practices Expected 1 Actual 0.92
https://pr-2601.pwa-venia.com/valeria-two-layer-tank.html : LH Performance Expected 0.8 Actual 0.41, LH Accessibility Expected 0.9 Actual 0.89, LH Best Practices Expected 1 Actual 0.92, WPT Cache Expected 65 Actual 50

jimbo
jimbo reviewed Aug 3, 2020
View reviewed changes
docker/yarn.lock Outdated
integrity sha512-tUMXrxlExSW6U2EXiiKGSBVdYgtV8qlHL+C10TsW4PURY/ic+eaysnSkwB4kA/mBlCyy/IKDJ+Lc3wbWeaXtuQ==
dot-prop@^4.1.0, dot-prop@^5.1.1:
version "5.2.0"
resolved "https://registry.npmjs.org/dot-prop/-/dot-prop-5.2.0.tgz#c34ecc29556dc45f1f4c22697b6f4904e0cc4fcb"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason why these changed from yarnpkg.com to npmjs.org?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks @jimbo , it was because of my local yarnrc registry mapping. should be good now.

@dpatil-magento dpatil-magento merged commit 7bdeb00 into develop Aug 4, 2020
@dpatil-magento dpatil-magento deleted the dev/update-docker-dependency branch August 4, 2020 17:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jimbo jimbo jimbo approved these changes

Assignees

@jimbo jimbo

@dpatil-magento dpatil-magento

Labels
version: Patch This changeset includes backwards compatible bug fixes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dpatil-magento @PWAStudioBot @devops-pwa-codebuild @jimbo