Closed coreydaley closed 3 months ago
🤖 I detect that the PR title and the commit message differ and there's only one commit. To use the PR title for the commit history, you can use Github's automerge feature with squashing, or use automerge
label. Good luck human!
-- conventional-commit-lint bot https://conventionalcommits.org/
I think it would be a better alternative to change the package reference to a more lenient approach such as:
"@grpc/grpc-js": "^1.10.9",
Or to install DependaBot or similar to avoid having to handle this type of issue manually. This package is widely used in Google projects and having vulnerable dependencies has serious repercussion on hundreds of projects.
I think it would be a better alternative to change the package reference to a more lenient approach such as:
"@grpc/grpc-js": "^1.10.9",
Or to install DependaBot or similar to avoid having to handle this type of issue manually. This package is widely used in Google projects and having vulnerable dependencies has serious repercussion on hundreds of projects.
Updated per your suggestion. Thanks!
@sofisl It looks like these two tests are failing on multiple recent pull requests. Is there a fix in the works?
Superseded by https://github.com/googleapis/gax-nodejs/pull/1622
Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly:
Fixes #1620