diff options
| author | Chris Kay <chris.kay@arm.com> | 2021-05-12 15:22:42 +0100 |
|---|---|---|
| committer | Chris Kay <chris.kay@arm.com> | 2021-05-12 15:43:56 +0100 |
| commit | 7fff6c70ed9de55ace9cccc1d9b65375bcdc33e3 (patch) | |
| tree | d5fe5490f3fbbb4a2849670c38e8986e36e61aec /package.json | |
| parent | 57dde21207c7fecbb78c2019a71ffb65ca740dc3 (diff) | |
| download | arm-trusted-firmware-7fff6c70ed9de55ace9cccc1d9b65375bcdc33e3.tar.gz | |
build(hooks): update Commitizen to ^4.2.4
An indirect dependency of Commitizen (`merge`) is currently failing the
NPM.js auditor due to vulnerability CVE-2020-28499. This commit moves
the minimum version of Commitizen to 4.2.4, which has resolved this
vulnerability.
Change-Id: Ia9455bdbe02f7406c1a106f173c4095943a201ed
Signed-off-by: Chris Kay <chris.kay@arm.com>
Diffstat (limited to 'package.json')
| -rw-r--r-- | package.json | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package.json b/package.json index 04f5ffbcf..ebd5d55b8 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "devDependencies": { "@commitlint/cli": "^11.0.0", "@commitlint/config-conventional": "^11.0.0", - "commitizen": "^4.2.2", + "commitizen": "^4.2.4", "cz-conventional-changelog": "^3.3.0", "husky": "^5.0.4" } |