Skip to content
This repository has been archived by the owner on Aug 13, 2023. It is now read-only.

Commit

Permalink
Merge pull request #3270 from bbc/security-fixes
Browse files Browse the repository at this point in the history 
Minimist updates to fix vulnerability
  • Loading branch information
@sareh
sareh committed Mar 30, 2020
2 parents 192e1b3 + 9826e8a commit b8ccb2f
Show file tree
Hide file tree
Showing 24 changed files with 6,571 additions and 13,811 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
<!-- prettier-ignore -->
| Version | Description |
|---------|-------------|
| 2.0.113 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Security patch for `minimist` |
| 2.0.112 | [PR#3311](https://github.com/bbc/psammead/pull/3311) Install @loadable/babel-plugin to support components using Loadable. |
| 2.0.111 | [PR#3291](https://github.com/bbc/psammead/pull/3291) Bump `@psammead-storybook-helpers` |
| 2.0.110 | [PR#3264](https://github.com/bbc/psammead/pull/3264) Add @bbc/psammead-live-label to dependencies |
Expand Down
16,342 changes: 4,907 additions & 11,435 deletions package-lock.json
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bbc/psammead",
"version": "2.0.112",
"version": "2.0.113",
"description": "Core Components Library Developed & Maintained By The Articles and Reach & Languages Team",
"main": "index.js",
"private": true,
Expand Down
1 change: 1 addition & 0 deletions packages/components/psammead-content-anchor/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
<!-- prettier-ignore -->
| Version | Description |
|---------|-------------|
| 1.0.0-alpha.4 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Security fixes |
| 1.0.0-alpha.3 | [PR#3151](https://github.com/bbc/psammead/pull/3151) Talos - Bump Dependencies - @bbc/psammead-headings |
| 1.0.0-alpha.2 | [PR#3082](https://github.com/bbc/psammead/pull/3082) Talos - Bump Dependencies - @bbc/psammead-headings |
| 1.0.0-alpha.1 | [PR#2582](https://github.com/bbc/psammead/pull/2582) Initial creation of package. |
8 changes: 4 additions & 4 deletions packages/components/psammead-content-anchor/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/components/psammead-content-anchor/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bbc/psammead-content-anchor",
"version": "1.0.0-alpha.3",
"version": "1.0.0-alpha.4",
"main": "dist/index.js",
"module": "esm/index.js",
"sideEffects": false,
Expand Down
1 change: 1 addition & 0 deletions packages/containers/psammead-timestamp-container/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
<!-- prettier-ignore -->
| Version | Description |
|---------|-------------|
| 2.7.10 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Security fixes |
| 2.7.9 | [PR#3273](https://github.com/bbc/psammead/pull/3273) Talos - Bump Dependencies - @bbc/psammead-locales |
| 2.7.8 | [PR#3271](https://github.com/bbc/psammead/pull/3271) Talos - Bump Dependencies - @bbc/psammead-locales |
| 2.7.7 | [PR#3137](https://github.com/bbc/psammead/pull/3137) Fix P3 a11y bug degrading iOS Voice Over UX |
Expand Down
8 changes: 4 additions & 4 deletions packages/containers/psammead-timestamp-container/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/containers/psammead-timestamp-container/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bbc/psammead-timestamp-container",
"version": "2.7.9",
"version": "2.7.10",
"main": "dist/index.js",
"module": "esm/index.js",
"sideEffects": false,
Expand Down
1 change: 1 addition & 0 deletions packages/utilities/moment-timezone-include/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
<!-- prettier-ignore -->
| Version | Description |
| ------- | ----------- |
| 1.1.4 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Add EOF lines |
| 1.1.3 | [PR#3266](https://github.com/bbc/psammead/pull/3266) Update version `mkdirp` to remove `minimist` vulnerability |
| 1.1.2 | [PR#1960](https://github.com/bbc/psammead/pull/1960) Use object spread syntax instead of object.assign |
| 1.1.1 | [PR#1803](https://github.com/bbc/psammead/pull/1803/) Patches broken links on badges in documentation |
Expand Down
36 changes: 18 additions & 18 deletions packages/utilities/moment-timezone-include/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions packages/utilities/moment-timezone-include/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bbc/moment-timezone-include",
"version": "1.1.3",
"version": "1.1.4",
"description": "Webpack plugin and timezone data includes to pull in specific timezone data into desired chunks.",
"main": "./dist/index.js",
"repository": {
Expand Down Expand Up @@ -35,4 +35,4 @@
"object-hash": "^1.3.1",
"moment-timezone": "^0.5.26"
}
}
}
2 changes: 2 additions & 0 deletions packages/utilities/psammead-calendars/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
# Psammead Calendars Changelog

<!-- prettier-ignore -->
| Version | Description |
|---------|-------------|
| 2.0.9 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Security fixes |
| 2.0.8 | [PR#3273](https://github.com/bbc/psammead/pull/3273) Talos - Bump Dependencies - @bbc/psammead-locales |
| 2.0.7 | [PR#3271](https://github.com/bbc/psammead/pull/3271) Talos - Bump Dependencies - @bbc/psammead-locales |
| 2.0.6 | [PR#3082](https://github.com/bbc/psammead/pull/3082) Talos - Bump Dependencies - @bbc/psammead-locales |
Expand Down
14 changes: 7 additions & 7 deletions packages/utilities/psammead-calendars/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/utilities/psammead-calendars/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bbc/psammead-calendars",
"version": "2.0.8",
"version": "2.0.9",
"main": "dist/index.js",
"module": "esm/index.js",
"sideEffects": false,
Expand Down
1 change: 1 addition & 0 deletions packages/utilities/psammead-rich-text-transforms/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
<!-- prettier-ignore -->
| Version | Description |
| ------- | ----------- |
| 2.0.1 | [PR#3270](https://github.com/bbc/psammead/pull/3270) Fix `minimist` and `acorn` vulnerability |
| 2.0.0 | [PR#2556](https://github.com/bbc/psammead/pull/2556) Tightened conditions for a link to be considered external |
| 1.1.2 | [PR#2466](https://github.com/bbc/psammead/pull/2466) Package-lock updates |
| 1.1.1 | [PR#2495](https://github.com/bbc/psammead/pull/2495) Replaces `node.constructor.name` logic as it caused a bug on client-side code execution |
Expand Down

0 comments on commit b8ccb2f

Please sign in to comment.