fix: fix vulnerabilities, upgrade ansi-regex and minimist and node-fetch

bcoe / conventional-release-labels

Apply labels for automatically generated release notes, based on conventionalcommits.org

Apache License 2.0

322 stars 14 forks source link

Closed ytanikin closed 2 years ago

ytanikin commented 2 years ago

the fix includes fixing 1 critical and 2 high vulnerabilities that npm audit shows

ytanikin commented 2 years ago

@bcoe please have a look at the PR. The action is prohibited to use in my company because of presence vulnerabilities

bcoe commented 2 years ago

@ytanikin something appears to be broken with this PR.

ytanikin commented 2 years ago

@bcoe fixed npm install could you approve workflow

ytanikin commented 2 years ago

Could you please take a look at this @bcoe, I am not allowed to use this action until the vulnerabilities are addressed

ytanikin commented 2 years ago

@bcoe could you release a new version