upgrade moment dependency #6921
Labels
good first issue
Issues marked as ideal for a brand new contributor to start with
tech-debt
Issues and pull requests related to addressing technical debt or improving the codebase
Projects
I just got a notification about
CVE-2017-18214
which was raised against themoment
project: moment/moment#4163We use
moment
in a few places, and the ReDos vulnerability is an interesting read, but until I hear more I'm going to leave this open for someone to have a go at:app/package.json
to2.19.3
or laterdesktop/app/package.json
Line 39 in 6eb4064
run
yarn
from the root to update the lock filecommit both of these changes
test out the app to ensure it still renders relative dates correctly
Places to check as part of verifying the upgrade:
The text was updated successfully, but these errors were encountered: