microsoft / botframework-cli

CLI Tools for the Microsoft Bot Framework

Other

176 stars 129 forks source link

fix: Remove CVE-2020-36632 vulnerability #1366

Closed JhontSouth closed 6 months ago

JhontSouth commented 7 months ago

minor

Description

This PR updates the versions of the package mocha to update flat package and avoid the CVE-2020-36632 vulnerability.

Specific Changes

Updated mocha from ^6.2.2 to ^10.4.0 to use flat ^5.0.2.
Updated @types/mocha to work with new version of mocha.
Migrated mocha configuration from mocha.opts into every package.json to manage the new compatibility.

Testing

The following image shows the flat version installed after the update.

tracyboehrer commented 6 months ago

@JhontSouth Thanks! Can you check out the conflicts

JhontSouth commented 6 months ago

Hi @tracyboehrer, the conflicts are resolved