Skip to content

[PR-BOT] [JIRA: GRAL-5670] Fixed vulnerabilities#698

Closed
pipedrive-backoffice-pr[bot] wants to merge 1 commit intomasterfrom
PR-BOT-4e4be081cde076bf26f4526137a969eaaef0722be5968c6f87120dfe
Closed

[PR-BOT] [JIRA: GRAL-5670] Fixed vulnerabilities#698
pipedrive-backoffice-pr[bot] wants to merge 1 commit intomasterfrom
PR-BOT-4e4be081cde076bf26f4526137a969eaaef0722be5968c6f87120dfe

Conversation

@pipedrive-backoffice-pr
Copy link

@pipedrive-backoffice-pr pipedrive-backoffice-pr bot commented Jan 26, 2026

Fixed vulnerabilities

Dependency Affected Version Fixed Version Status Reason
cross-spawn 5.1.0 6.0.6 failed ❌ the latest minor direct dependency version did not fix sub dependency
qs 6.11.0 6.14.1 fixed ✅ fixed by npm audit fix

Related JIRA ticket:
https://pipedrive.atlassian.net/browse/GRAL-5670

Related Backoffice Task:
https://backoffice.pipedrive.tools/plugins/backoffice-plugin-pr-bot/history?taskId=304

PR was opened by infosec-vulnerability-scanner

@ziimk
Copy link
Contributor

ziimk commented Mar 26, 2026

Closing as the vulnerabilities addressed here are already resolved in the current master branch — see #720 which updated dependencies to versions that include all these fixes.

@ziimk ziimk closed this Mar 26, 2026
@ziimk ziimk deleted the PR-BOT-4e4be081cde076bf26f4526137a969eaaef0722be5968c6f87120dfe branch March 26, 2026 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

npm-version-patch used for deployment pr-bot-vulnerabilities-fixer

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ziimk