Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0046775Openbravo ERPA. Platformpublic2021-05-21 10:132021-06-30 15:41
Reportershuehner 
Assigned ToAugustoMauch 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionPR21Q3Fixed in VersionPR21Q3 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerOBPS
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0046775: Update package-lock.json to fix npm audit issues
Descriptionnpm audit reports problems which should be fixed by updating versions in the package-lock.json

found 4103 vulnerabilities (1 low, 68 moderate, 4034 high) in 921 scanned packages
  run `npm audit fix` to fix 4103 of them.

Grouping them to causing package:
$ npm audit | grep 'Package' | sort | uniq -c
     68 │ Package │ hosted-git-info
   4034 │ Package │ lodash
      1 │ Package │ xmldom
Steps To Reproducerun "npm audit" in source.path
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
related to defect 0046777 closed platform POS2 Update package-lock.json to fix npm audit issues 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2021-05-21 10:13shuehnerNew Issue
2021-05-21 10:13shuehnerAssigned To => platform
2021-05-21 10:13shuehnerOBNetwork customer => No
2021-05-21 10:13shuehnerModules => Core
2021-05-21 10:13shuehnerTriggers an Emergency Pack => No
2021-05-21 10:14shuehnerTarget Version => PR21Q3
2021-05-26 17:19guilleaerRelationship addedrelated to 0046777
2021-06-22 09:41shuehnerOBNetwork customerNo => OBPS
2021-06-22 09:41shuehnerResolution time => 1627509600
2021-06-22 09:41shuehnerSeverityminor => major
2021-06-29 17:11AugustoMauchStatusnew => scheduled
2021-06-29 17:11AugustoMauchAssigned Toplatform => AugustoMauch
2021-06-29 17:13hgbotMerge Request Status => open
2021-06-29 17:13hgbotNote Added: 0129960
2021-06-30 13:12hgbotMerge Request Statusopen => approved
2021-06-30 15:41hgbotResolutionopen => fixed
2021-06-30 15:41hgbotStatusscheduled => closed
2021-06-30 15:41hgbotNote Added: 0130025
2021-06-30 15:41hgbotFixed in Version => PR21Q3
2021-06-30 15:41hgbotNote Added: 0130026

Notes
(0129960)
hgbot   
2021-06-29 17:13   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/410 [^]
(0130025)
hgbot   
2021-06-30 15:41   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/410 [^]
(0130026)
hgbot   
2021-06-30 15:41   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: a7f9231b35a7d352f5c8965881365d3c390e2b73
Author: Augusto Mauch <augusto.mauch@openbravo.com>
Date: 2021-06-30T13:41:18+00:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/a7f9231b35a7d352f5c8965881365d3c390e2b73 [^]

Fixes ISSUE-46775: Update package-lock and package-lock.json to fix npm audit issues

Updated dependencies:
    browserslist: 4.16.1 -> 4.16.6
    caniuse-lite: 1.0.30001177 -> 1.0.30001241
    colorette: 1.2.1 -> 1.2.2
    electron-to-chromium: 1.3.639 -> 1.3.761
    node-releases: 1.1.69 -> 1.1.73
    glob-parent: 5.1.1 -> 5.1.2
    hosted-git-info: 2.8.8 -> 2.8.9
    lodash: 4.17.20 -> 4.17.21
    ws: 7.4.2 -> 7.5.1
    xmldom: 0.1.31 -> 0.6.0

babel.config.js has been updated to also include the current version of
node(the one that executes for example npm test). This is due to some
features that were only present in node 15 being used and not available
for node 14.

---
M babel.config.js
M package-lock.json
M package.json
---