Skip to content

fix(deps): bump core, jsonwebtoken and jws to avoid CVE#320

Merged
diatrcz merged 1 commit into
mainfrom
lt/fix-cve
Dec 5, 2025
Merged

fix(deps): bump core, jsonwebtoken and jws to avoid CVE#320
diatrcz merged 1 commit into
mainfrom
lt/fix-cve

Conversation

@diatrcz
Copy link
Copy Markdown
Contributor

@diatrcz diatrcz commented Dec 5, 2025

Bumps sdk-core, jsonwebtoken and jws to avoid GHSA-869p-cjfg-cm3x.

@diatrcz
fix(deps): bump core, jsonwebtoken and jws to avoid CVE
49d10ba 
Signed-off-by: Lídia Tarcza <100163235+diatrcz@users.noreply.github.com>
@diatrcz diatrcz requested a review from pyrooka December 5, 2025 11:33
pyrooka
pyrooka approved these changes Dec 5, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@pyrooka pyrooka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@diatrcz diatrcz merged commit 16f9ce9 into main Dec 5, 2025
12 checks passed
@diatrcz diatrcz deleted the lt/fix-cve branch December 5, 2025 13:08
ibm-devx-sdk pushed a commit that referenced this pull request Dec 5, 2025
@semantic-release-bot
chore(release): 0.79.1 [skip ci]
73eb25a 
## [0.79.1](v0.79.0...v0.79.1) (2025-12-05)

### Bug Fixes

* **deps:** bump core, jsonwebtoken and jws to avoid CVE ([#320](#320)) ([16f9ce9](16f9ce9))
@ibm-devx-sdk
Copy link
Copy Markdown

ibm-devx-sdk commented Dec 5, 2025

🎉 This PR is included in version 0.79.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pyrooka pyrooka pyrooka approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@diatrcz @ibm-devx-sdk @pyrooka