Skip to content

AWG-13084 Fixed dependabot issues#45

Merged
sorinfratila merged 1 commit into
mainfrom
AWG-13084-fix-dependabot-issues
Jun 8, 2026
Merged

AWG-13084 Fixed dependabot issues#45
sorinfratila merged 1 commit into
mainfrom
AWG-13084-fix-dependabot-issues

Conversation

@RomanFadeev26

@RomanFadeev26 RomanFadeev26 commented May 28, 2026

Copy link
Copy Markdown
Contributor

@RomanFadeev26 RomanFadeev26 self-assigned this May 28, 2026
@RomanFadeev26 RomanFadeev26 requested a review from a team as a code owner May 28, 2026 20:02
@RomanFadeev26 RomanFadeev26 requested review from anhnicky66, ishanG212, mohanish-acquia and tooms73-work and removed request for a team May 28, 2026 20:02
Copilot AI reviewed May 28, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the package patch version and refreshes locked transitive dev dependency versions to address Dependabot-reported issues without changing runtime source code.

Changes:

  • Bumps page-processing-lib from 4.1.6 to 4.1.7.
  • Updates transitive dev dependencies in package-lock.json: ajv, handlebars, and ws.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
package.json Updates the package version to 4.1.7.
package-lock.json Syncs the package version and refreshes locked dev dependency versions.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Monsido Monsido deleted a comment from sorinfratila Jun 8, 2026
@tooms73-work

tooms73-work commented Jun 8, 2026
edited
Loading

Copy link
Copy Markdown

This works, i like to add the changes to package.json as version bump for direct dependencies and overrides for transitives. If we for some reason need to rebuild the package-lock.json. Then these changes is lost ;-)

And i'm not sure about this snyk things?

@RomanFadeev26

RomanFadeev26 commented Jun 8, 2026

Copy link
Copy Markdown
Contributor Author

This works, i like to add the changes to package.json as version bump for direct dependencies and overrides for transitives. If we for some reason need to rebuild the package-lock.json. Then these changes is lost ;-)

And i'm not sure about this snyk things?

Idk what are these snyk things as well 😅

@sorinfratila sorinfratila merged commit dd7778c into main Jun 8, 2026
1 of 3 checks passed
@sorinfratila sorinfratila deleted the AWG-13084-fix-dependabot-issues branch June 8, 2026 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@sorinfratila sorinfratila sorinfratila approved these changes

@tooms73-work tooms73-work tooms73-work approved these changes

@anhnicky66 anhnicky66 Awaiting requested review from anhnicky66 anhnicky66 is a code owner automatically assigned from Monsido/frontend-developers

@ishanG212 ishanG212 Awaiting requested review from ishanG212 ishanG212 is a code owner automatically assigned from Monsido/frontend-developers

@mohanish-acquia mohanish-acquia Awaiting requested review from mohanish-acquia mohanish-acquia is a code owner automatically assigned from Monsido/frontend-developers

Assignees

@RomanFadeev26 RomanFadeev26

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@RomanFadeev26 @tooms73-work @sorinfratila