Next, we'll go through the GitHub Flow to make some changes. If you aren't sure how to do this, try the Introduction to GitHub course and then come back to give it another try.
Note: For production code, it's a good idea to do some integration testing to make sure that the upgraded package works with your code. Good unit tests and Continuous Integration (CI) will help you update with confidence. The Learning Lab course GitHub Actions: Continuous Integration can teach you how to set up CI!
Step 4: Updating dependency versions
Now that you know the recommended version, it's time to edit the package.json file. You'll upgrade the package to a non-vulnerable version.
:keyboard: Activity: Update the package.json file
Within this pull request, go to Files changed.
Click the ellipsis (...) in the right upper corner and click Edit file to edit the package.json file.
Fix the vulnerability by updating to the latest version of the dependency that you took note of earlier, version 2.6.9 of debug.
AdamCzepiel78
commented
3 years ago
Update the dependency
Next, we'll go through the GitHub Flow to make some changes. If you aren't sure how to do this, try the Introduction to GitHub course and then come back to give it another try.
Step 4: Updating dependency versions
Now that you know the recommended version, it's time to edit the
package.jsonfile. You'll upgrade the package to a non-vulnerable version.:keyboard: Activity: Update the
package.jsonfile...) in the right upper corner and click Edit file to edit thepackage.jsonfile.2.6.9ofdebug.