Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade express dependency #1530

Merged
merged 3 commits into from
Mar 26, 2024
Merged

Upgrade express dependency #1530

merged 3 commits into from
Mar 26, 2024

Conversation

MarcAstr0
Copy link
Collaborator

@MarcAstr0 MarcAstr0 commented Mar 25, 2024
edited
Loading

Description

Upgrades the version of the express dependency. Some security vulnerabilities have been found in versions of the qs library, a dependency of express.

Changes

  • Update package.json in framework-provider-local, framework-provider-local-infrastructure, and framework-integration-tests packages.

Checks

  • Project Builds
  • Project passes tests and checks
  • Updated documentation accordingly

@MarcAstr0 MarcAstr0 added the security Issues about improving the overall framework security. label Mar 25, 2024
@what-the-diff What The Diff
Copy link

what-the-diff bot commented Mar 25, 2024

PR Summary

  • New File Addition
    A new file, upgrade_express_dependency_2024-03-25-18-25.json, has been added to common/changes/@boostercloud/framework-core. This file pertains to the update of the express dependency version.

  • Updates to Express Dependency
    The express dependency version has been updated in several package.json files. The old version 4.17.1 has been updated to 4.19.2 in the following locations:

    • packages/framework-integration-tests/package.json
    • packages/framework-provider-local-infrastructure/package.json
    • packages/framework-provider-local/package.json

  • Updates to @types/express Dependency
    The @types/express dependency version has also been updated in certain package.json files from ^4.17.13 to ^4.17.21. The files include:

    • packages/framework-provider-local-infrastructure/package.json
    • packages/framework-provider-local/package.json

These updates ensure the application stays up-to-date with the latest advances, features, and security patches provided by the newer versions of the Express framework.

@MarcAstr0
Copy link
Collaborator Author

/integration sha=66b80912548fa5c93382297ea78634abbcbaf9c4

@MarcAstr0
Copy link
Collaborator Author

/integration sha=3acee6e75e0d41455a908fcc6f4fc800880813ce

@github-actions GitHub Actions
Copy link
Contributor

⌛ Integration tests are running...

Check their status here 👈

@github-actions GitHub Actions
Copy link
Contributor

✅ Integration tests have finished successfully!

@MarcAstr0 MarcAstr0 merged commit 9833098 into boostercloud:main Mar 26, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NickSeagull NickSeagull NickSeagull approved these changes

@javiertoledo javiertoledo Awaiting requested review from javiertoledo

@gonzalogarciajaubert gonzalogarciajaubert Awaiting requested review from gonzalogarciajaubert

@charlietfe charlietfe Awaiting requested review from charlietfe

@alvaroloes alvaroloes Awaiting requested review from alvaroloes

Assignees
No one assigned
Labels
security Issues about improving the overall framework security.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarcAstr0 @NickSeagull