Bump ansi-regex to ^5.0.1 to fix CVE-2021-3807 #2794
Hmm, maybe this package should be added to the `resolutions` instead of `dependencies`, like for example in here #2782?
✔️ Deploy Preview for react-native ready!
🔨 Explore the source changes: 159dcfa
🔍 Inspect the deploy log: https://app.netlify.com/sites/react-native/deploys/6154871de5aba700075c34ea
😎 Browse the preview: https://deploy-preview-2794--react-native.netlify.app

Indeed 👍 Thanks for the hint
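The difference between the two placements discussed above can be checked against the lockfile. This is an added example, not code from this PR or the project: it scans Yarn v1 lockfile text for `ansi-regex` blocks that still resolve below 5.0.1 (the floor named in the PR title). Both lockfile fragments are constructed, and `isBelow` and `findStaleEntries` are hypothetical helper names.

```javascript
// Compare dotted versions numerically; true when `version` < `floor`.
function isBelow(version, floor) {
  const a = version.split('.').map((n) => parseInt(n, 10) || 0);
  const b = floor.split('.').map((n) => parseInt(n, 10) || 0);
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return (a[i] || 0) < (b[i] || 0);
  }
  return false;
}

// Return { specifiers, version } for each Yarn v1 lockfile block of `pkg`
// that resolves below `floor`.
function findStaleEntries(lockText, pkg, floor) {
  const stale = [];
  let current = null; // specifiers of the block being read, if it is for `pkg`
  for (const line of lockText.split('\n')) {
    if (/^\S.*:$/.test(line)) {
      // Block header: comma-separated, optionally quoted "name@range" keys.
      const specifiers = line.slice(0, -1).split(',')
        .map((s) => s.trim().replace(/^"|"$/g, ''));
      current = specifiers.some((s) => s.startsWith(pkg + '@')) ? specifiers : null;
    } else if (current) {
      const m = /^\s+version "([^"]+)"/.exec(line);
      if (m && isBelow(m[1], floor)) stale.push({ specifiers: current, version: m[1] });
    }
  }
  return stale;
}

// Constructed fragment: ansi-regex@^5.0.1 added under "dependencies" only.
const withDependency = `
ansi-regex@^2.0.0:
  version "2.1.1"

ansi-regex@^5.0.0:
  version "5.0.0"

ansi-regex@^5.0.1:
  version "5.0.1"
`;

// Constructed fragment: "resolutions": { "ansi-regex": "^5.0.1" } applied.
const withResolutions = `
ansi-regex@^2.0.0, ansi-regex@^5.0.0, ansi-regex@^5.0.1:
  version "5.0.1"
`;

console.log(findStaleEntries(withDependency, 'ansi-regex', '5.0.1'));
console.log(findStaleEntries(withResolutions, 'ansi-regex', '5.0.1'));
```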
* Add a note about where to place the Gradle vars (facebook#2776)
  Co-authored-by: Gijs Weterings <[email protected]>
* Update appstate.md (facebook#2778)
  Co-authored-by: Bartosz Kaszubowski <[email protected]>
* Animations: remove unused style object (facebook#2780)
* Force `trim@^1.0.1` resolution (facebook#2782)
* Bump axios from 0.21.1 to 0.21.4 (facebook#2783)
  Bumps [axios](https://github.com/axios/axios) from 0.21.1 to 0.21.4.
  - [Release notes](https://github.com/axios/axios/releases)
  - [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
  - [Commits](axios/axios@v0.21.1...v0.21.4)
  ---
  updated-dependencies:
  - dependency-name: axios
    dependency-type: indirect
  ...
  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add help relating to Android intent queries (facebook#2774)
  * Add help relating to Android intent queries
    On Android 11 in order for `Linking.canOpenUrl` to return `true` the scheme/intent must be specified in AndroidManifest.xml and queryable. This is not currently clear in the documentation even though specific instructions are given for iOS.
  * Tweaks from prettier linting.
  * Fix spelling mistakes.
    Co-authored-by: Gijs Weterings <[email protected]>
  * Ensure AndroidManifest.xml example matches the descriptive text.
    Co-authored-by: Gijs Weterings <[email protected]>
  * Improve wording in the description for the example code.
    Co-authored-by: Gijs Weterings <[email protected]>
  * Split sentence in two to improve readability
    Co-authored-by: Gijs Weterings <[email protected]>
  Co-authored-by: Gijs Weterings <[email protected]>
* docs: add fragment to native-components-android.md (facebook#2599)
  * docs: add fragment to native-components-android.md
    As a Javascript / React-Native developer I had a hard time figuring out how to integrate a custom native SDK to React Native with the help of Android Fragments. Please correct anything that you wish. This information took me 3 days to figure out, especially the part with `setupLayout` and `manuallyLayoutChildren` so I wish an example like this was available in the official documentation. I was expecting the code without `setupLayout` and `manuallyLayoutChildren` but I had no luck. If somebody has any better solution in your team, or any explanation, it would also be really nice to state in the documentation
  * chore: fix linting errors
  * chore: fix alex errors
  * docs: update native-components-android.md
  * docs: update native-components-android.md
    - add missing imports
    - remove extra spaces
    - remove unnecessary double cast
    - remove unnecessary comment
* Bump semver-regex from 3.1.2 to 3.1.3 (facebook#2788)
  Bumps [semver-regex](https://github.com/sindresorhus/semver-regex) from 3.1.2 to 3.1.3.
  - [Release notes](https://github.com/sindresorhus/semver-regex/releases)
  - [Commits](https://github.com/sindresorhus/semver-regex/commits)
  ---
  updated-dependencies:
  - dependency-name: semver-regex
    dependency-type: indirect
  ...
  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump prismjs from 1.24.0 to 1.25.0 (facebook#2787)
  Bumps [prismjs](https://github.com/PrismJS/prism) from 1.24.0 to 1.25.0.
  - [Release notes](https://github.com/PrismJS/prism/releases)
  - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
  - [Commits](PrismJS/prism@v1.24.0...v1.25.0)
  ---
  updated-dependencies:
  - dependency-name: prismjs
    dependency-type: indirect
  ...
  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Remove the link to 2021 React Community Survey (facebook#2784)
* Bump ansi-regex to ^5.0.1 to fix CVE-2021-3807 (facebook#2794)
* Release 0.66 Post (facebook#2797)
  * Add post and assets
  * Fix lint
  * Update links and image
  * Ignore alex warning
  * Fix linking for highlights
  * Capitalize Bluetooth and align titles
  * Capitalize Bluetooth and align titles
  * Missed one Bluetooth
  * Credit mikehardy
* Cut 0.66 docs (facebook#2798)
* update link troubleshooting (facebook#2799)
* Update handling-text-input.md (facebook#2795)
* Update tsconfig.json example (facebook#2796)
* fix preview deploy failure due to links in older blog posts (facebook#2803)
* add section of `stickyHeaderHiddenOnScroll` option (facebook#2801)
* Update native-modules-android.md (facebook#2791)
  * Update native-modules-android.md
    Those two methods are missing in the documentation and an exception is sent if they are not in the code.
    Co-authored-by: Simon BRUNOU <[email protected]>
* Update linking.md (facebook#2802)
* [Docs] Add an asterisk note to the hermes bundle is in use (facebook#2804)

Co-authored-by: Raquel Smith <[email protected]>
Co-authored-by: Gijs Weterings <[email protected]>
Co-authored-by: Luis Durão <[email protected]>
Co-authored-by: Bartosz Kaszubowski <[email protected]>
Co-authored-by: Titus Efferian <[email protected]>
Co-authored-by: Timothy Yung <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Leonard <[email protected]>
Co-authored-by: Fazekas Dániel <[email protected]>
Co-authored-by: Ivan Moskalev <[email protected]>
Co-authored-by: Nicola Corti <[email protected]>
Co-authored-by: Luna <[email protected]>
Co-authored-by: Luis Medina Huerta <[email protected]>
Co-authored-by: Nana Asiedu-Ampem <[email protected]>
Co-authored-by: David NRB <[email protected]>
Co-authored-by: guruguru-dekiruko <[email protected]>
Co-authored-by: Simon <[email protected]>
Co-authored-by: Simon BRUNOU <[email protected]>
Co-authored-by: Jens Kuhr Jørgensen <[email protected]>
Co-authored-by: limaAniceto <[email protected]>

As the title says, I'm adding an explicit dependency on `ansi-regex@^5.0.1`