Skip to content

chore(deps): upgrade semver to v7.7.2 #19500

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 29, 2025
Merged

chore(deps): upgrade semver to v7.7.2 #19500

merged 1 commit into from
May 29, 2025

Conversation

kennylam
Copy link
Member

Closes https://github.com/carbon-design-system/mend-issues/issues/12

Addresses CVE-2022-25883 by upgrading semver to >=7.5.2.

Changelog

Changed

  • Upgrade semver to v7.7.2

Testing / Reviewing

Everything should build and pass CI flows.

PR Checklist

As the author of this PR, before marking ready for review, confirm you:

  • Reviewed every line of the diff
  • Updated documentation and storybook examples
  • Wrote passing tests that cover this change
  • Addressed any impact on accessibility (a11y)
  • Tested for cross-browser consistency
  • Validated that this code is ready for review and status checks should pass

More details can be found in the pull request guide

@kennylam kennylam requested review from a team as code owners May 28, 2025 15:39
@kennylam kennylam added the dependencies Pull requests that update a dependency file label May 28, 2025
@kennylam kennylam requested a review from 2nikhiltom May 28, 2025 15:39
@kennylam kennylam added the type: infrastructure 🤖 Issues relating to devops, tech debt, etc. label May 28, 2025
@kennylam kennylam requested a review from ariellalgilmore May 28, 2025 15:39
@netlify Netlify
Copy link

netlify bot commented May 28, 2025

Deploy Preview for v11-carbon-web-components ready!

Name Link
🔨 Latest commit 25e20d5
🔍 Latest deploy log https://app.netlify.com/projects/v11-carbon-web-components/deploys/68372e44836a250008e1ce2e
😎 Deploy Preview https://deploy-preview-19500--v11-carbon-web-components.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify Netlify
Copy link

netlify bot commented May 28, 2025

Deploy Preview for v11-carbon-react ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 25e20d5
🔍 Latest deploy log https://app.netlify.com/projects/v11-carbon-react/deploys/68372e44746bb300082a9c9a
😎 Deploy Preview https://deploy-preview-19500--v11-carbon-react.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@codecov Codecov
Copy link

codecov bot commented May 28, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.48%. Comparing base (4215ae3) to head (25e20d5).
Report is 7 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #19500   +/-   ##
=======================================
  Coverage   84.48%   84.48%           
=======================================
  Files         373      373           
  Lines       14641    14641           
  Branches     4787     4787           
=======================================
  Hits        12369    12369           
  Misses       2125     2125           
  Partials      147      147

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@kennylam kennylam changed the title chore(deps): upgrade semver to v7.7.2 chore(deps): upgrade semver to v7.7.2 May 28, 2025
@annawen1 annawen1 added this pull request to the merge queue May 29, 2025
Merged via the queue into carbon-design-system:main with commit c720aec May 29, 2025
37 checks passed
@annawen1 annawen1 deleted the deps/upgrade-semver-7.7.2 branch May 29, 2025 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ariellalgilmore ariellalgilmore ariellalgilmore approved these changes

@annawen1 annawen1 annawen1 approved these changes

@heloiselui heloiselui heloiselui approved these changes

@2nikhiltom 2nikhiltom Awaiting requested review from 2nikhiltom 2nikhiltom is a code owner automatically assigned from carbon-design-system/monorepo-reviewers

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file status: one more review 👀 type: infrastructure 🤖 Issues relating to devops, tech debt, etc.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kennylam @ariellalgilmore @annawen1 @heloiselui