Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Revisions: Issue #47535 Back to Issue ]
Summary 0047535: Update package-lock.json to fix npm audit issues
Revision 2021-08-11 16:25 by shuehner
Description npm audit reports problems which should be fixed by updating versions in the package-lock.json

found 621 vulnerabilities (607 moderate, 14 high) in 3127 scanned packages
  run `npm audit fix` to fix 584 of them.
  1 vulnerability requires semver-major dependency updates.
  36 vulnerabilities require manual review. See the full report for details.

Grouping them to causing package:
npm audit | grep 'Package' | sort | uniq -c
      4 │ Package │ browserslist => Tracked as (47415 already)
     30 │ Package │ glob-parent => Tracked as (47415 already)
    554 │ Package │ path-parse
     17 │ Package │ ssri
     10 │ Package │ tar
      4 │ Package │ trim
      2 │ Package │ url-parse

Note: Some other issues are tracked as 47411 (and blocked externally). However 47411 is missing list of what is covered exactly.
Revision 2021-08-11 16:23 by shuehner
Description npm audit reports problems which should be fixed by updating versions in the package-lock.json

found 621 vulnerabilities (607 moderate, 14 high) in 3127 scanned packages
  run `npm audit fix` to fix 584 of them.
  1 vulnerability requires semver-major dependency updates.
  36 vulnerabilities require manual review. See the full report for details.

Grouping them to causing package:
npm audit | grep 'Package' | sort | uniq -c
      4 │ Package │ browserslist
     30 │ Package │ glob-parent
    554 │ Package │ path-parse
     17 │ Package │ ssri
     10 │ Package │ tar
      4 │ Package │ trim
      2 │ Package │ url-parse


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker