Skip to content

Commit fe56a39

Browse files
mikepenzmikepenz
committed
fix: address moderate security vulnerability in undici (GHSA-g9mf-h72j-4rw9)
- Add undici override to force version ^6.23.0 - Fixes unbounded decompression chain vulnerability - Update test files to support alternative token environment variable - Rebuild dist files with updated dependencies
1 parent 7f7d0e7 commit fe56a39

7 files changed

Lines changed: 26909 additions & 27643 deletions

File tree

__tests__/releaseNotesBuilder.test.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ import {expect, test} from 'vitest'
66

77
clear()
88

9-
const token = process.env.GITHUB_TOKEN || ''
9+
const token = process.env.GITHUB_TOKEN || process.env.GITHUB__TEST_TOKEN || ''
1010
const githubRepository = new GithubRepository(token, undefined, '.')
1111
test('[Github] Should match generated changelog (unspecified fromTag)', async () => {
1212
const configuration = mergeConfiguration(undefined, resolveConfiguration('', 'configs/configuration.json'))

__tests__/releaseNotesBuilderPull.test.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ clear()
1111
// load octokit instance
1212
const enablePullData = false // if false -> use cache for data
1313

14-
const token = process.env.GITHUB_TOKEN || ''
14+
const token = process.env.GITHUB_TOKEN || process.env.GITHUB__TEST_TOKEN || ''
1515
const githubRepository = new GithubRepository(token, undefined, '.')
1616
test('Should have empty changelog (tags)', async () => {
1717
const configuration = mergeConfiguration(undefined, resolveConfiguration('', 'configs/configuration.json'))

0 commit comments

Comments
 (0)