fix(vulnerability): updating mocha versions #211

gamer496 · 2025-02-17T09:39:48Z

Fixing vulnerability in npm audit:

# npm audit report

nanoid  <3.3.8
Severity: moderate
Predictable results in nanoid generation when given non-integer values - https://github.com/advisories/GHSA-mwcw-c2x4-8c55
fix available via `npm audit fix --force`
Will install mocha@11.1.0, which is a breaking change
node_modules/nanoid
  mocha  8.2.0 - 10.2.0
  Depends on vulnerable versions of nanoid
  node_modules/mocha

2 moderate severity vulnerabilities

And fixing: https://github.com/Cognigy/Cognigy-CLI/security/dependabot/70

deepaknegi-cognigy · 2025-02-18T09:36:09Z

Was able to run tests successfully in my local.

XavierJordaMurria · 2025-02-18T12:36:29Z

🎉 This PR is included in version 1.6.8 🎉

The release is available on:

Your semantic-release bot 📦🚀

fix(vulnerability): updating mocha versions

4eb3318

gamer496 requested review from pedily, apdemin, mhdha94 and deepaknegi-cognigy February 17, 2025 09:39

deepaknegi-cognigy approved these changes Feb 18, 2025

View reviewed changes

pedily approved these changes Feb 18, 2025

View reviewed changes

apdemin approved these changes Feb 18, 2025

View reviewed changes

gamer496 merged commit 62c6f8e into develop Feb 18, 2025
5 checks passed

XavierJordaMurria added the released label Feb 18, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(vulnerability): updating mocha versions #211

fix(vulnerability): updating mocha versions #211

gamer496 commented Feb 17, 2025 •

edited

Loading

deepaknegi-cognigy commented Feb 18, 2025

XavierJordaMurria commented Feb 18, 2025

fix(vulnerability): updating mocha versions #211

fix(vulnerability): updating mocha versions #211

Conversation

gamer496 commented Feb 17, 2025 • edited Loading

deepaknegi-cognigy commented Feb 18, 2025

XavierJordaMurria commented Feb 18, 2025

gamer496 commented Feb 17, 2025 •

edited

Loading