electron / node-abi

:turtle: :rocket: Get the Node.js and Electron ABI for a given target and runtime
https://www.npmjs.com/node-abi
MIT License
164 stars 58 forks source link

build: update yarn.lock to fix audit output #153

Closed up-up-and-away[bot] closed 11 months ago

up-up-and-away[bot] commented 11 months ago

We ran uuaw --audit and it resulted in a clean yarn audit.

Attempting to fix advisory: GHSA-wf5p-g6vw-rhxx - Axios Cross-Site Request Forgery Vulnerability
Scanning dependency chain:
     @continuous-auth/semantic-release-npm --> @continuous-auth/client --> axios
[1/4] Trying from: axios@^0.27.2
    Resolving: axios@^0.27.2 --> 0.27.2
[1/4] Chain results in vulnerable version: axios@0.27.2
[2/4] Trying from: @continuous-auth/client@^2.2.2
    Resolving: @continuous-auth/client@^2.2.2 --> 2.2.3
    Resolving: axios@^1.6.2 --> 1.6.2
[2/4] Updating chain to latest starting at: @continuous-auth/client@^2.2.2 results in a patched version: axios@1.6.2
[2/4] Running yarn install now

Audit is clean, looking good cap'n
continuous-auth[bot] commented 11 months ago

:tada: This PR is included in version 3.52.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket: