Permit major upgrades to @koa/cors@5

These can be removed once we revert #96. https://nvd.nist.goiv/vuln/detail/CVE-2023-49803
seek-oss · Dec 12, 2023 · 35e03ff · 35e03ff
1 parent f0351e3
commit 35e03ff
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 0 deletions.
diff --git a/default.json b/default.json
@@ -45,6 +45,13 @@
 
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "matchManagers": ["npm"],
       "matchPackageNames": ["eslint"],

diff --git a/non-critical.json b/non-critical.json
@@ -21,6 +21,13 @@
       "matchUpdateTypes": ["major"],
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "matchManagers": ["npm"],
       "matchPackageNames": ["aws-sdk-mock"],

diff --git a/third-party-major.json b/third-party-major.json
@@ -57,6 +57,13 @@
 
       "enabled": false
     },
+    {
+      "matchUpdateTypes": ["major"],
+      "matchPackageNames": ["@koa/cors"],
+      "allowedVersions": "< 6",
+
+      "enabled": true
+    },
     {
       "excludePackagePatterns": ["^seek-jobs/", "^seek-oss/"],
       "matchManagers": ["buildkite"],