Skip to content

Address CVE GHSA-fjxv-7rqg-78g4, GHSA-xffm-g5w8-qvg7, bump @itwin/eslint-plugin #8344

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jul 22, 2025
Merged

Address CVE GHSA-fjxv-7rqg-78g4, GHSA-xffm-g5w8-qvg7, bump @itwin/eslint-plugin #8344

merged 5 commits into from
Jul 22, 2025

Conversation

@mergify
Copy link
Contributor

@mergify mergify bot commented Jul 22, 2025
edited by hl662
Loading

Fix GHSA-fjxv-7rqg-78g4 and GHSA-xffm-g5w8-qvg7

  • Requires bumping @itwin/eslint-plugin to v5.2.1, that includes a newer version of @typescript/eslint-plugin to fix the latter cve.
  • Cherry picks commits done in Add lint step to version bump script #8272 to fix lint errors caused by new lint rules since last eslint-plugin bump

@hl662 @mergify
Address CVE GHSA-fjxv-7rqg-78g4 (#8342)
013a7b1 
(cherry picked from commit 53e2794)

# Conflicts:
#	common/config/rush/pnpm-lock.yaml
@mergify mergify bot added the conflicts label Jul 22, 2025
@mergify mergify bot requested review from a team as code owners July 22, 2025 12:49
@mergify mergify bot assigned hl662 Jul 22, 2025
@mergify mergify bot added the conflicts label Jul 22, 2025
@mergify
Copy link
Contributor Author

mergify bot commented Jul 22, 2025
edited by hl662
Loading

Cherry-pick of 53e2794

@mergify mergify bot mentioned this pull request Jul 22, 2025
Merged
@mergify mergify bot requested a review from a team July 22, 2025 12:50
@hl662 hl662 removed the conflicts label Jul 22, 2025
@hl662 hl662 enabled auto-merge (squash) July 22, 2025 13:38
@hl662 hl662 changed the title Address CVE GHSA-fjxv-7rqg-78g4 (backport #8342) [release/5.0.x] Address CVE GHSA-fjxv-7rqg-78g4, GHSA-xffm-g5w8-qvg7 (backport #8342) [release/5.0.x] Jul 22, 2025
@hl662 hl662 changed the title Address CVE GHSA-fjxv-7rqg-78g4, GHSA-xffm-g5w8-qvg7 (backport #8342) [release/5.0.x] Address CVE GHSA-fjxv-7rqg-78g4, GHSA-xffm-g5w8-qvg7, bump @itwin/eslint-plugin Jul 22, 2025
@aruniverse aruniverse disabled auto-merge July 22, 2025 19:16
@aruniverse aruniverse merged commit 3c113a5 into release/5.0.x Jul 22, 2025
16 checks passed
@aruniverse aruniverse deleted the mergify/bp/release/5.0.x/pr-8342 branch July 22, 2025 19:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aruniverse aruniverse aruniverse approved these changes

@markschlosseratbentley markschlosseratbentley markschlosseratbentley approved these changes

@tcobbs-bentley tcobbs-bentley tcobbs-bentley approved these changes

@ben-polinsky ben-polinsky ben-polinsky approved these changes

@MichaelSwigerAtBentley MichaelSwigerAtBentley MichaelSwigerAtBentley approved these changes

@GerardasB GerardasB Awaiting requested review from GerardasB GerardasB is a code owner automatically assigned from iTwin/itwinjs-core

@eringram eringram Awaiting requested review from eringram eringram is a code owner automatically assigned from iTwin/itwinjs-core

@paulius-valiunas paulius-valiunas Awaiting requested review from paulius-valiunas paulius-valiunas is a code owner automatically assigned from iTwin/itwinjs-core

@ColinKerr ColinKerr Awaiting requested review from ColinKerr ColinKerr is a code owner

@christophermlawson christophermlawson Awaiting requested review from christophermlawson

@naveedkhan8067 naveedkhan8067 Awaiting requested review from naveedkhan8067 naveedkhan8067 is a code owner

@calebmshafer calebmshafer Awaiting requested review from calebmshafer calebmshafer is a code owner

@wgoehrig wgoehrig Awaiting requested review from wgoehrig wgoehrig is a code owner

@swbsi swbsi Awaiting requested review from swbsi swbsi is a code owner

@danieliborra danieliborra Awaiting requested review from danieliborra danieliborra is a code owner

@bbastings bbastings Awaiting requested review from bbastings bbastings is a code owner

@pmconne pmconne Awaiting requested review from pmconne pmconne is a code owner

@StefanApfel-Bentley StefanApfel-Bentley Awaiting requested review from StefanApfel-Bentley StefanApfel-Bentley is a code owner

Assignees

@hl662 hl662

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@aruniverse @markschlosseratbentley @tcobbs-bentley @ben-polinsky @MichaelSwigerAtBentley @hl662