Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade express version #2270

Merged
merged 2 commits into from
Sep 23, 2024
Merged

Upgrade express version #2270

merged 2 commits into from
Sep 23, 2024

Conversation

helzahalim
Copy link
Contributor

Bump express version to above 4.20.0.
Version 4.19.2 has introduced multiple Snyk Vulnerability

  1. Introduced through: @slack/bolt@3.21.4 › express@4.19.2 › path-to-regexp@0.1.7
    CVSS v4.0 6.9

  2. Introduced through: @slack/bolt@3.21.4 › express@4.19.2 › body-parser@1.20.2
    CVSS v4.0 8.2

  3. Introduced through: @slack/bolt@3.21.4 › express@4.19.2
    CVSS v4.0 5.1

  4. Introduced through : @slack/bolt@3.21.4 › express@4.19.2 › send@0.18.0
    CVSS v4.0 2.1

  5. Introduced through: @slack/bolt@3.21.4 › express@4.19.2 › serve-static@1.15.0
    CVSS v4.0 2.1

Summary

Describe the goal of this PR. Mention any related Issue numbers.

Requirements (place an x in each [ ])

Copy link

codecov bot commented Sep 23, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.78%. Comparing base (e82f6e8) to head (07864de).
Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #2270   +/-   ##
=======================================
  Coverage   87.78%   87.78%           
=======================================
  Files          19       19           
  Lines        1646     1646           
  Branches      464      464           
=======================================
  Hits         1445     1445           
  Misses        194      194           
  Partials        7        7           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@filmaj filmaj merged commit 8529f8f into slackapi:main Sep 23, 2024
17 checks passed
@filmaj
Copy link
Contributor

filmaj commented Sep 23, 2024

Thank you!

@zimeg zimeg added semver:patch dependencies Pull requests that update a dependency file labels Sep 27, 2024
@zimeg zimeg added this to the 3.22.0 milestone Sep 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla:signed dependencies Pull requests that update a dependency file semver:patch
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants