Openbravo Issue Tracking System - POS2
View Issue Details
0047411POS2Corepublic2021-07-19 12:592021-07-20 07:00
alostale 
Retail 
normalminorhave not tried
newopen 
5
 
 
No
0047411: npm audit reports issues for CRA
When npm audit is executed, some issues are reported for CRA dependencies.

Transitory dependencies with those issues cannot be easily updated (without ejecting CRA) and it seems CRA's team is not planning to get those fixed claiming they are not exploitable [1].

[1] https://github.com/facebook/create-react-app/issues/11174 [^]
Run npm audit in core2:

$ npm audit --production
...
found 8 vulnerabilities (6 moderate, 2 high) in 2010 scanned packages
  run `npm audit fix` to fix 2 of them.
  1 vulnerability requires semver-major dependency updates.
  5 vulnerabilities require manual review. See the full report for details.

No tags attached.
related to defect 0046777 closed platform Update package-lock.json to fix npm audit issues 
related to design defect 0047415 new Retail npm audit reports issues for Storybook 
related to defect 0047535 acknowledged platform Update package-lock.json to fix npm audit issues 
Issue History
2021-07-19 12:59alostaleNew Issue
2021-07-19 12:59alostaleAssigned To => Retail
2021-07-19 12:59alostaleTriggers an Emergency Pack => No
2021-07-19 12:59alostaleRelationship addedrelated to 0046777
2021-07-19 13:00alostaleDescription Updatedbug_revision_view_page.php?rev_id=22895#r22895
2021-07-20 07:00alostaleSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=22899#r22899
2021-07-20 07:04alostaleRelationship addedrelated to 0047415
2021-08-11 16:26shuehnerRelationship addedrelated to 0047535

There are no notes attached to this issue.