Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GRAL-4241 vulnerabilities fix #29

Merged
merged 3 commits into from
Apr 2, 2024
Merged

GRAL-4241 vulnerabilities fix #29

merged 3 commits into from
Apr 2, 2024

Conversation

dmitriyeff
Copy link
Contributor

@dmitriyeff dmitriyeff commented Mar 28, 2024
edited
Loading

app-extensions-sdk high vulnerabilities fix

Installed this branch here

  • Checkout marketplace app extensions
  • Run rm -rf node_modules && rm -rf build-detached
  • Run npm i
  • Run cypress tests: npm run test:functional:cypress:run (All tests should pass)

Check for vulnerabilities in the package:

  • Run npm audit against app-extenstions-sdk and see if there are no vulnerabilities

@dmitriyeff dmitriyeff marked this pull request as ready for review April 1, 2024 13:21
@dmitriyeff dmitriyeff requested a review from a team as a code owner April 1, 2024 13:21
@Reivilo85k Reivilo85k self-assigned this Apr 2, 2024
Reivilo85k
Reivilo85k previously approved these changes Apr 2, 2024
View reviewed changes
Copy link
Contributor

@Reivilo85k Reivilo85k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works on my machine

Reivilo85k
Reivilo85k previously approved these changes Apr 2, 2024
View reviewed changes
@dmitriyeff dmitriyeff added npm-version-patch used for deployment npm-ready-for-publish used for deployment and removed npm-ready-for-publish used for deployment npm-version-patch used for deployment labels Apr 2, 2024
@dmitriyeff dmitriyeff added npm-version-patch used for deployment npm-ready-for-publish used for deployment labels Apr 2, 2024
@pipedrive-bot-dora
Copy link

Neodora Analysis ⚠

⚠ Use of actively maintained version of Node.js

Message: A service using Node.js should use an actively maintained version before it reaches EOL.

Current Node.js version Message
16 The current version of Node.js has already reached its EOL (2023-09-11)

🔍 How to fix it

⚠ Incorrect runner in Github Workflow

Message: Github workflow must run on a self-hosted runner

Workflow file Job name Actual runs-on value Expected runs-on value
on-commit.yml lint ubuntu-latest Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute, eks-runner-cd, eks-runner-ci, eks-runner-neodora, eks-runner-neodora-bulk, eks-runner-secops]

🔍 How to fix it

⚠ Missing cache in Github Workflow

Message: Github workflow should be using caching when step uses actions/setup-node

Workflow file Job name Step index Actual cache value Expected cache value
on-commit.yml lint 2 Not found npm

🔍 How to fix it

⚠ Unknown tribe name

Message: The property owner in repository.json must be a valid tribe name present in mission-tracking
Repository file: repository.json

Owner status
'GRAVITY' is an unknown tribe name

🔍 How to fix it

Commit 2134a02 Job 379543

@pipedrive-bot pipedrive-bot closed this pull request by merging all changes into master in 9cfd7a1 Apr 2, 2024
@dmitriyeff dmitriyeff merged commit 2134a02 into master Apr 2, 2024
3 checks passed
@pipedrive-bot pipedrive-bot deleted the GRAL-4241 branch April 2, 2024 10:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Reivilo85k Reivilo85k Reivilo85k approved these changes

Assignees

@Reivilo85k Reivilo85k

Labels
npm-ready-for-publish used for deployment npm-version-patch used for deployment
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dmitriyeff @pipedrive-bot-dora @Reivilo85k @pipedrive-bot