Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

API-37743 Address Dependabot Findings #489

Closed
wants to merge 2 commits into from

Conversation

mwise-va
Copy link
Contributor

Description

This PR addresses lighthouse-saml-proxy Dependabot findings - https://github.com/department-of-veterans-affairs/lighthouse-saml-proxy/security/dependabot

Related Issue(s)

https://jira.devops.va.gov/browse/API-37743

@mwise-va mwise-va requested a review from a team as a code owner June 26, 2024 18:35
"jest": "^29.6.1",
"puppeteer": "^17.1.3",
"puppeteer": "^22.12.1",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's a big puppeteer change, did we test this in the container or at least with the version of chrome driver being downloaded in the container?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally with npm test after making the changes.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Had docker-compose up -d redis running and used this to run saml-proxy npm run-script start-dev

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you tested inside the docker test container?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it will fully work on the Mac but you should at least see puppeteer connect to chrome api correctly

Copy link
Contributor Author

@mwise-va mwise-va Jun 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tried to build the test container locally on my Mac and it does not build. I think the not being able to build part is unrelated to these changes, and mac just struggles with building this test image.

@mwise-va mwise-va closed this Jul 2, 2024
@mwise-va mwise-va deleted the API-37743-address-dependabot-alerts branch July 2, 2024 13:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants