Skip to content

Bump form-data from 4.0.0 to 4.0.4#168

Merged
greta-mik merged 2 commits intomainfrom
security-fix
Oct 10, 2025
Merged

Bump form-data from 4.0.0 to 4.0.4#168
greta-mik merged 2 commits intomainfrom
security-fix

Conversation

@greta-mik
Copy link
Contributor

@greta-mik greta-mik commented Oct 10, 2025

What?
Bump form-data from 4.0.0 to 4.0.4

Why?
security issues

@greta-mik greta-mik requested a review from a team as a code owner October 10, 2025 13:15
@coderabbitai
Copy link

coderabbitai bot commented Oct 10, 2025
edited
Loading

📝 Walkthrough

Walkthrough

The pull request modifies omnisend/package.json. It adds a new runtime dependency "form-data" at version 4.0.4 and updates the devDependency "@wordpress/scripts" from ^30.14.0 to ^30.25.0. No other dependencies, scripts, or configuration fields are changed.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Single-file change limited to dependency updates with no code or configuration logic alterations; the edits are straightforward and homogeneous.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Title Check ✅ Passed The title succinctly and accurately describes the primary change of bumping the form-data dependency from 4.0.0 to 4.0.4, making it clear to any reviewer what the pull request addresses without extraneous detail.
Description Check ✅ Passed The description directly relates to the changeset by stating the version bump of form-data and the security rationale, clearly tying the explanation to the actual modifications.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch security-fix
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b2809f0 and c252b7a.

⛔ Files ignored due to path filters (1)
  • omnisend/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • omnisend/package.json (1 hunks)
🔇 Additional comments (1)
omnisend/package.json (1)

12-14: Lockfile reflects form-data@4.0.4; no further update required. omnisend/package-lock.json already pins form-data to 4.0.4.

Comment @coderabbitai help to get the list of available commands and usage tips.

@greta-mik greta-mik merged commit e9bd940 into main Oct 10, 2025
2 checks passed
@greta-mik greta-mik deleted the security-fix branch October 10, 2025 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@agris-omnisend agris-omnisend agris-omnisend approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@greta-mik @agris-omnisend