fix: FORMS-893 semver vuln and endpoint bug #1094
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WalterMoar
requested review from
timisenco2015,
vijaivir,
jasonchung1871,
bcvesalink and
Sai-CITZ
jasonchung1871
approved these changes
Oct 19, 2023
timisenco2015
added a commit
that referenced
this pull request
Oct 20, 2023
* fix: FORMS-891 vuetify traditional chinese support (#1072) Co-authored-by: Walter Moar <[email protected]> * fix: filter out draft submissions on the submission page search * fix: remove boolean check for filterformSubmissionStatusCode props * fix: urgent timeout increase to fix outage (#1084) * Fix/urgent timeout increase (#1085) * fix: urgent timeout increase to fix outage * fix: database view performance (#1091) * fix: simplification of user form access view (#1087) * fix: database view performance (#1090) * fix: simplification of user form access view * fix: remove the sorting in user_form_access_vw --------- Co-authored-by: Walter Moar <[email protected]> * fix: FORMS-893 semver vuln and endpoint bug (#1094) * FORMS-881 - Not allow to save drafts if form validation fails (#1048) * fix: not allow to save drafts if form validation fails * fix: make validation run on render for drafts. remove disable save draft button on validation fails * update: add countdown timer to token expiration warning dialog - add a countdown timer to the token expiration warning dialog - wrote unit tests for the frontend changes - added multi lang to the new components created * feat: FORMS-882 add submissionId to exports Co-authored-by: Walter Moar <[email protected]> * fix: FORMS-899 revert timeout and simplify views (#1093) * fix: FORMS-899 remove sorting in views * fix: FORMS-899 revert frontend timeout change --------- Co-authored-by: Walter Moar <[email protected]> --------- Co-authored-by: bcgov-citz-ccft <[email protected]> Co-authored-by: Walter Moar <[email protected]> Co-authored-by: bcvesalink <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
The GitHub Dependabot process has created an alert for the semver dependency. To satisfy the requirements outlined in the Security Threat and Risk Assessment's (STRA) Statement of Acceptable Risks (SoAR), this vulnerability must be handled by updating the package version (or mitigated in some other way, if updating the package is not possible).
https://github.com/bcgov/common-hosted-form-service/security/dependabot/142
Also there is a bug in the tests such that they only work in the local environment and not against the deployments in OCP. This is due to the differences in the SSO configurations and is a very minor fix.
Types of changes
Bug fix (non-breaking change which fixes an issue)
Checklist
Further comments
This one doesn't need a feature branch / deploy since it doesn't affect the actual application.