Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

force resolve multicast-dns v7.2.3 #9133

Merged
merged 4 commits into from
May 26, 2021
Merged

force resolve multicast-dns v7.2.3 #9133

merged 4 commits into from
May 26, 2021

Conversation

jroebu14
Copy link

@jroebu14 jroebu14 commented May 26, 2021
edited
Loading

Overall change:
dns-packet has a vuln. webpack-dev-server uses v1 via multicast-dns v6 and the safe version is of dns-packet is 5. Upgrading multicast-dns to v7 introduces a safe version of dns-packet.

This vuln is tracked in webpack-dev-server issue webpack/webpack-dev-server#3340

Same approach taken here:
webpack/webpack-dev-server#3340 (comment)

Code changes:

  • Force resolve multicast-dns v7.2.3
  • I have assigned myself to this PR and the corresponding issues
  • I have added the cross-team label to this PR if it requires visibility across World Service teams
  • I have assigned this PR to the Simorgh project
  • (BBC contributors only) This PR follows the repository use guidelines

Testing:

  • Automated (jest and/or cypress) tests added (for new features) or updated (for existing features)
  • If necessary, I have run the local E2E non-smoke tests relevant to my changes (CYPRESS_APP_ENV=local CYPRESS_SMOKE=false yarn test:e2e:interactive)
  • This PR requires manual testing

@jroebu14 jroebu14 self-assigned this May 26, 2021
@jroebu14 jroebu14 added the cross-team For visibility for both World Service teams (Engage & Media) label May 26, 2021
HarveyPeachey
HarveyPeachey approved these changes May 26, 2021
View reviewed changes
Copy link
Contributor

@HarveyPeachey HarveyPeachey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jroebu14 jroebu14 merged commit c2d9229 into latest May 26, 2021
@jroebu14 jroebu14 deleted the force-resolution-multicast-dns branch May 26, 2021 09:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HarveyPeachey HarveyPeachey HarveyPeachey approved these changes

@rebeccamcginn rebeccamcginn rebeccamcginn approved these changes

Assignees

@jroebu14 jroebu14

@rebeccamcginn rebeccamcginn

Labels
cross-team For visibility for both World Service teams (Engage & Media)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jroebu14 @HarveyPeachey @rebeccamcginn