From 1b7a903c7c3e177b953e3025a5bc9c3b3067104d Mon Sep 17 00:00:00 2001 From: Marcel Raschke <42359664+MarcelRaschke@users.noreply.github.com> Date: Tue, 22 Dec 2020 20:59:39 +0100 Subject: [PATCH 1/2] Create SECURITY.md --- SECURITY.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..034e848032 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc. From 455f1a5c5033319ba32a3a92e8230be3110c164c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 20 Aug 2022 06:52:41 +0000 Subject: [PATCH 2/2] feat: upgrade ioredis from 4.19.2 to 5.2.2 Snyk has created this PR to upgrade ioredis from 4.19.2 to 5.2.2. See this package in npm: https://www.npmjs.com/package/ioredis See this project in Snyk: https://app.snyk.io/org/marcelraschke/project/34225ac7-4ae1-4b4f-8732-f23ad881993e?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index aa0321b9ba..6ab30a8ee3 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "eventsource": "^1.0.7", "express": "^4.17.1", "hbs": "^4.1.1", - "ioredis": "^4.19.2", + "ioredis": "^5.2.2", "js-yaml": "^3.14.1", "lru-cache": "^6.0.0", "octokit-auth-probot": "^1.2.2",