Skip to content

GQL-143 Resolve Snyk Vulnerabilities Feb 2026#180

Merged
william-valencia merged 2 commits intomainfrom
GQL-143
Feb 26, 2026
Merged

GQL-143 Resolve Snyk Vulnerabilities Feb 2026#180
william-valencia merged 2 commits intomainfrom
GQL-143

Conversation

@william-valencia
Copy link
Contributor

@william-valencia william-valencia commented Feb 26, 2026
edited by eudoroolivares2016
Loading

Overview

What is the feature?

cmr-graphql package is being flagged as a snyk vulnerability

What is the Solution?

Moving eslint dependencies to dev dependencies. Also did an 'npm audit fix'

What areas of the application does this impact?

package.json and package-lock.json

Testing

Reproduction steps

  • Environment for testing:
  • Collection to test with:

Check https://app.snyk.io/org/esdis-cumulus-core-gibs-cmr-etc./project/d39edb4e-2801-4809-ab11-67a705f0b3d6/pr-check/5e362bd1-f240-44a4-ac9d-7c435623d660
Make sure the cmr-graphql package is not flagged as malicious

Attachments

Please include relevant screenshots or files that would be helpful in reviewing and verifying this change.

Checklist

  • I have added automated tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

@codecov
Copy link

codecov bot commented Feb 26, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (0120187) to head (6efa612).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #180   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          115       115           
  Lines         2706      2706           
  Branches       330       330           
=========================================
  Hits          2706      2706

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@william-valencia william-valencia merged commit 06876d6 into main Feb 26, 2026
9 checks passed
@william-valencia william-valencia deleted the GQL-143 branch February 26, 2026 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eudoroolivares2016 eudoroolivares2016 eudoroolivares2016 approved these changes

@mandyparson mandyparson mandyparson approved these changes

@macrouch macrouch Awaiting requested review from macrouch

@trevorlang trevorlang Awaiting requested review from trevorlang

@cgokey cgokey Awaiting requested review from cgokey

@htranho htranho Awaiting requested review from htranho

@bmsultz-nasa bmsultz-nasa Awaiting requested review from bmsultz-nasa

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@william-valencia @eudoroolivares2016 @mandyparson