jonatanlr98 / security-on-github

https://lab.github.com/githubtraining/securing-your-workflows
MIT License
0 stars 0 forks source link

Update the vulnerable dependency #1

Closed github-learning-lab[bot] closed 2 years ago

github-learning-lab[bot] commented 2 years ago

Update the dependency

Next, we'll go through the GitHub Flow to make some changes. If you aren't sure how to do this, try the Introduction to GitHub course and then come back to give it another try.

Note: Before doing this with real world code, make sure that the upgraded package works with your code. Good unit tests and CI (continuous integration) will help you update with confidence.

Step 4: Updating dependency versions

Now that you know the recommended version, it's time to edit the package.json file. You'll upgrade the package to a non-vulnerable version.

:keyboard: Activity: Update the package.json file

  1. Within this pull request, go to Files changed.
  2. Click the ellipsis (...) in the right upper corner and click Edit file to edit the package.json file.
  3. Fix the vulnerability by updating to the latest version of the dependency that you took note of earlier.
  4. Scroll down, and commit your change.
jonatanlr98 commented 2 years ago

cat type:pr matches pull requests with the word "cat."