Closed melvin-bot[bot] closed 7 months ago
This is a Snyk issue. Snyk is a tool that automatically tracks our repositories' dependencies and reports associated security vulnerabilities. It also automatically create PRs to fix these vulnerabilities.
C+: Please follow these steps to test the linked PR before running through the reviewer checklist:
- [ ] The first step is to understand the PR: what dependency is it upgrading, for which vulnerability, how it impacts our product & end users.
- [ ] If the issue is not worth fixing, please add your reasoning in the issue and have the internal engineer review it.
- [ ] Check the change log (which should be included in the PR description) to see all changes. We want to identify any breaking changes. If it is a minor version bump, it's unlikely that there are any breaking changes.
- [ ] Test our feature(s) that make use of this package. If it does not work, we should understand what broke it. It is also a good idea to check our main flows to make sure they are not broken that you can add in the checklist screenshots/videos.
Job added to Upwork: https://www.upwork.com/jobs/~01f34770e9a178d140
Triggered auto assignment to Contributor Plus for review of internal employee PR - @jjcoffee (Internal
)
Linked PR is closed, we can close this issue. (Not sure if automation is broken for these?)
:ribbon::eyes::ribbon: C+ reviewed
Triggered auto assignment to @NikkiWines, see https://stackoverflow.com/c/expensify/questions/7972 for more details.
Yeah, looks like this didn't auto-close due to the missing issue link in the PR but this is fine to close out. Thanks for catching that @jjcoffee 🙇
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade electron-updater from 6.1.9 to 6.2.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **22 days ago**, on 2024-03-03.
Release notes
Package name: electron-updater
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/expensify/project/9be44749-775a-47a6-be6b-781145c25b98?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/expensify/project/9be44749-775a-47a6-be6b-781145c25b98/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/expensify/project/9be44749-775a-47a6-be6b-781145c25b98/settings/integration?pkg=electron-updater&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
Upwork Automation - Do Not Edit