Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

webhook(chore): bump axios to 1.7.4 to address CVE-2024-39338 #1879

Merged
merged 1 commit into from
Aug 15, 2024
Merged

webhook(chore): bump axios to 1.7.4 to address CVE-2024-39338 #1879

merged 1 commit into from
Aug 15, 2024

Conversation

zimeg
Copy link
Member

@zimeg zimeg commented Aug 15, 2024

Summary

This PR bumps axios to 1.7.4 to address CVE-2024-39338 following #1874

Requirements

@zimeg zimeg added semver:patch security pkg:interactive-messages (deprecated) applies to `@slack/interactive-messages` pkg:webhook applies to `@slack/webhook` labels Aug 15, 2024
@zimeg zimeg added this to the webhook@7.0.3 milestone Aug 15, 2024
@zimeg zimeg self-assigned this Aug 15, 2024
@zimeg zimeg changed the title chore(deps): bump axios to 1.7.4 to address CVE-2024-39338 webhook(chore): bump axios to 1.7.4 to address CVE-2024-39338 Aug 15, 2024
@codecov Codecov
Copy link

codecov bot commented Aug 15, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.85%. Comparing base (7c2cfdc) to head (8afa72c).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1879   +/-   ##
=======================================
  Coverage   89.85%   89.85%           
=======================================
  Files          34       34           
  Lines        7648     7648           
  Branches      374      374           
=======================================
  Hits         6872     6872           
  Misses        764      764           
  Partials       12       12
Flag Coverage Δ
cli-hooks 94.94% <ø> (ø)
cli-test 94.77% <ø> (ø)
oauth 76.53% <ø> (ø)
socket-mode 59.59% <ø> (ø)
web-api 96.57% <ø> (ø)
webhook 95.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@zimeg zimeg merged commit 72b2e2d into slackapi:main Aug 15, 2024
30 checks passed
@zimeg zimeg deleted the chore-deps-bump-axios-1.7.4 branch August 15, 2024 20:27
@matrix-compute matrix-compute mentioned this pull request Sep 5, 2024
Open
This was referenced Sep 5, 2024
Open
Open
@SherfeyInv SherfeyInv mentioned this pull request Sep 6, 2024
Merged
This was referenced Sep 6, 2024
Open
Open
@SherfeyInv SherfeyInv mentioned this pull request Sep 6, 2024
Merged
@matrix-compute matrix-compute mentioned this pull request Sep 6, 2024
Open
This was referenced Sep 6, 2024
Open
Open
Open
@mikolajroszak mikolajroszak mentioned this pull request Sep 14, 2024
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@zimeg zimeg

Labels
pkg:interactive-messages (deprecated) applies to `@slack/interactive-messages` pkg:webhook applies to `@slack/webhook` security semver:patch
Projects
None yet
Milestone
webhook@7.0.3
Development

Successfully merging this pull request may close these issues.
1 participant
@zimeg