Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(buyers): document guest buyer #214

Merged
merged 3 commits into from
Sep 2, 2024
Merged

feat(buyers): document guest buyer #214

merged 3 commits into from
Sep 2, 2024

Conversation

gryevns
Copy link
Member

@gryevns gryevns commented Aug 27, 2024

Description

TA-7931

Adds documentation for buyer prop.

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own changes
  • I have run yarn lint to make sure my changes pass all tests
  • I have run yarn test to make sure my changes pass all linters
  • I have pulled the latest changes from the upstream main branch
  • I have tested both the react and the CDN versions on local and integration environments
  • I have added the necessary labels to this PR in case a new release needs to be published after merging into main (e.g. release and patch)

Contribution guidelines

For contribution guidelines, styleguide, and other helpful information please
see the CONTRIBUTING.md file in the root of this project.

@gryevns gryevns requested a review from luca-gr4vy August 27, 2024 16:11
@luca-gr4vy
Copy link
Contributor

You can probably add those two vulnerability codes to .trivignore for now

@gryevns
Copy link
Member Author

gryevns commented Aug 28, 2024

You can probably add those two vulnerability codes to .trivignore for now

I think they should probably be fixed to meet security requirements. I tried creating a PR for axios but another one just popped up...

@luca-gr4vy
Copy link
Contributor

You can probably add those two vulnerability codes to .trivignore for now

I think they should probably be fixed to meet security requirements. I tried creating a PR for axios but another one just popped up...

Usually we try to fix it by upgrading the dependency itself or any parent ones, although that might be hard. Sometimes it's enough to just resolve to the fixed version using yarn resolutions (we do that too). Not sure if this would solve it:

// package.json
resolutions: {
  ...
  "axios": "^1.7.4",
  "minimatch": "^4.0.8"
}

(then run yarn and commit the updated yarn.lock)

@gryevns
Copy link
Member Author

gryevns commented Aug 28, 2024

You can probably add those two vulnerability codes to .trivignore for now

I think they should probably be fixed to meet security requirements. I tried creating a PR for axios but another one just popped up...

Usually we try to fix it by upgrading the dependency itself or any parent ones, although that might be hard. Sometimes it's enough to just resolve to the fixed version using yarn resolutions (we do that too). Not sure if this would solve it:

// package.json
resolutions: {
  ...
  "axios": "^1.7.4",
  "minimatch": "^4.0.8"
}

(then run yarn and commit the updated yarn.lock)

I had a quick look but couldn't get webpack to update. There are lots of upgrades based on the PRs open for this repo - perhaps they need to be tackled first.

@luca-gr4vy
Copy link
Contributor

@gryevns this should help #217

@luca-gr4vy luca-gr4vy mentioned this pull request Aug 29, 2024
Merged
7 tasks
@gryevns gryevns requested a review from luca-gr4vy September 2, 2024 07:49
@gryevns gryevns merged commit 02f3621 into main Sep 2, 2024
5 checks passed
@gryevns gryevns deleted the ta-7931 branch September 2, 2024 07:52
@gr4vy-code
Copy link
Collaborator

🚀 PR was released in v2.29.0 🚀

@gr4vy-code gr4vy-code added the released Issue or pull request released label Oct 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbetta cbetta cbetta left review comments

@luca-gr4vy luca-gr4vy luca-gr4vy approved these changes

Assignees
No one assigned
Labels
released Issue or pull request released
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gryevns @luca-gr4vy @gr4vy-code @cbetta