Skip to content

MLE-25617 Bumping audit level check to moderate #1051

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rjrudin merged 1 commit into from
Jan 20, 2026
Merged

MLE-25617 Bumping audit level check to moderate #1051

rjrudin merged 1 commit into from
Jan 20, 2026

Conversation

@rjrudin
Copy link
Contributor

@rjrudin rjrudin commented Jan 20, 2026

The build has been failing because of low-level vulnerabilities due to jsdiff, which is a test-only dependency of mocha. There's no patch for jsdiff yet, so bumping the audit check to moderate level vulnerabilities for now.

@rjrudin
MLE-25617 Bumping audit level check to moderate
73e6dcd 
The build has been failing because of low-level vulnerabilities due to jsdiff, which is a test-only dependency of mocha. There's no patch for jsdiff yet, so bumping the audit check to moderate level vulnerabilities for now.
Copilot AI review requested due to automatic review settings January 20, 2026 14:31
Copilot AI reviewed Jan 20, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adjusts the npm audit threshold in the CI/CD pipeline to temporarily work around build failures caused by low-severity vulnerabilities in jsdiff, a test-only dependency. The audit level is raised from low to moderate until a patch becomes available.

Changes:

  • Modified npm audit command to use --audit-level=moderate instead of --audit-level=low

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link

github-actions bot commented Jan 20, 2026

Copyright Validation Results
Total: 2 | Passed: 0 | Failed: 0 | Skipped: 2 | at: 2026-01-20 14:31:43 UTC | commit: 73e6dcd

⏭️ Skipped (Excluded) Files

  • Jenkinsfile
  • package-lock.json

✅ All files have valid copyright headers!

@rjrudin rjrudin merged commit eee2053 into develop Jan 20, 2026
4 checks passed
@rjrudin rjrudin deleted the feature/audit-fix branch January 20, 2026 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@BillFarber BillFarber BillFarber approved these changes

@anu3990 anu3990 Awaiting requested review from anu3990 anu3990 is a code owner

@stevebio stevebio Awaiting requested review from stevebio stevebio is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rjrudin @BillFarber