Upgrade diff to 4.0.1 #4852

akshayas · 2019-09-09T22:02:12Z

PR checklist

Addresses an existing issue: fixes #0000
New feature, bugfix, or enhancement
- Includes tests
Documentation update

Overview of change:

Github/dependabot reported a high severity bug with jsdiff. The exact wording is

WS-2018-0590 More information
high severity
Vulnerable versions: < 3.5.0
Patched version: 3.5.0
A vulnerability was found in diff before v3.5.0, the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

This diff bumps up the version to the latest available jsdiff 4.0.1.

Is there anything you'd like reviewers to focus on?

No

CHANGELOG.md entry:

N/A

palantirtech · 2019-09-09T22:02:13Z

Thanks for your interest in palantir/tslint, @akshayas! Before we can accept your pull request, you need to sign our contributor license agreement - just visit https://cla.palantir.com/ and follow the instructions. Once you sign, I'll automatically update this pull request.

adidahiya · 2019-09-09T23:46:36Z

thanks @akshayas

Upgrade diff to 4.0.1

e4298f4

Update yarn.lock

47b50db

adidahiya approved these changes Sep 9, 2019

View reviewed changes

adidahiya merged commit 7659cd9 into palantir:master Sep 9, 2019

akshayas deleted the asrivatsa_upgrade_diff branch September 10, 2019 00:01

adidahiya mentioned this pull request Sep 10, 2019

Prepare release v5.20.0 #4853

Merged

snyk-bot mentioned this pull request Oct 11, 2019

[Snyk] Upgrade tslint from 5.11.0 to 5.20.0 Narshe1412/nuarca-sql#21

Merged

snyk-bot mentioned this pull request Oct 26, 2019

[Snyk] Upgrade tslint from 5.12.1 to 5.20.0 ajesse11x/caprover#5

Open

This was referenced Nov 13, 2019

[Snyk] Upgrade tslint from 5.20.0 to 5.20.1 Narshe1412/nuarca-sql#75

Merged

[Snyk] Upgrade tslint from 5.20.0 to 5.20.1 ryshu/enib-internships#91

Merged

[Snyk] Upgrade tslint from 5.8.0 to 5.20.1 Matthelonianxl/cli-build-app#7

Open

snyk-bot mentioned this pull request Dec 15, 2019

[Snyk] Upgrade tslint from 5.11.0 to 5.20.1 dyna-dot/arxiv-bib-overlay#1

Open

snyk-bot mentioned this pull request Feb 19, 2020

[Snyk] Upgrade tslint from 5.9.1 to 5.20.1 hmcts/vh-admin-web#230

Merged

snyk-bot mentioned this pull request Mar 31, 2020

[Snyk] Upgrade tslint from 5.8.0 to 5.20.1 baophucct/trust-ray#6

Open

snyk-bot mentioned this pull request Apr 12, 2020

[Snyk] Upgrade tslint from 5.18.0 to 5.20.1 speech4j/web#14

Closed

snyk-bot mentioned this pull request Apr 22, 2020

[Snyk] Upgrade tslint from 5.9.1 to 5.20.1 Narshe1412/APMTraining#19

Open

dependabot bot mentioned this pull request Mar 15, 2021

Bump tslint from 5.9.1 to 5.20.1 CartoonIsArt/CIAPI#130

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade diff to 4.0.1 #4852

Upgrade diff to 4.0.1 #4852

akshayas commented Sep 9, 2019

palantirtech commented Sep 9, 2019

adidahiya commented Sep 9, 2019

Upgrade diff to 4.0.1 #4852

Upgrade diff to 4.0.1 #4852

Conversation

akshayas commented Sep 9, 2019

PR checklist

Overview of change:

Is there anything you'd like reviewers to focus on?

CHANGELOG.md entry:

palantirtech commented Sep 9, 2019

adidahiya commented Sep 9, 2019