Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0048560Openbravo ERPA. Platformpublic2022-02-09 00:002022-05-31 12:06
ReporterAugustoMauch 
Assigned Toablasco 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in Version 
Merge Request Status
Review Assigned To
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0048560: core2: Update package-lock.json to fix npm audit issues
Descriptionnpm audit reports problems which should be fixed by updating versions in the package-lock.json

found 75 vulnerabilities (2 low, 21 moderate, 48 high, 4 critical) in 2952 scanned packages
  run `npm audit fix` to fix 53 of them.
Steps To Reproducerun "npm audit" in source.path
Proposed SolutionRun npm audit fix two (!) times
- one execution alone does not fix all issues which it could fix
- 2nd execution adds more fixes
- A 3rd execution does not reduce number of audit issues found so is not necessary

Additional Information
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2022-02-09 00:00AugustoMauchNew Issue
2022-02-09 00:00AugustoMauchAssigned To => Triage Platform Base
2022-02-09 00:00AugustoMauchModules => Core
2022-02-09 00:00AugustoMauchTriggers an Emergency Pack => No
2022-02-09 00:00AugustoMauchIssue generated from0048346
2022-02-09 00:08hgbotNote Added: 0134839
2022-02-09 00:10AugustoMauchStatusnew => scheduled
2022-03-28 15:24shuehnerIssue cloned0048913
2022-03-28 17:22shuehnerNote Added: 0136104
2022-03-28 17:22shuehnerDescription Updatedbug_revision_view_page.php?rev_id=23817#r23817
2022-03-28 17:22shuehnerProposed Solution updated
2022-03-28 17:22hgbotNote Added: 0136105
2022-03-28 17:23shuehnerNote Added: 0136107
2022-05-16 11:02AugustoMauchAssigned ToTriage Platform Base => ablasco
2022-05-19 13:48hgbotNote Added: 0137536
2022-05-31 12:06hgbotResolutionopen => fixed
2022-05-31 12:06hgbotStatusscheduled => closed
2022-05-31 12:06hgbotNote Added: 0137889
2022-05-31 12:06hgbotNote Added: 0137890

Notes
(0134839)
hgbot   
2022-02-09 00:08   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^]
(0136104)
shuehner   
2022-03-28 17:22   
As usual MR should check for added packages & their licenses (if compatible)
(0136105)
hgbot   
2022-03-28 17:22   
Merge request closed: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^]
(0136107)
shuehner   
2022-03-28 17:23   
Closed old MR as it was over a month old and npm packages & version change very frequently.
(0137536)
hgbot   
2022-05-19 13:48   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^]
(0137889)
hgbot   
2022-05-31 12:06   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2 [^]
Changeset: 7a48b1f77beb9585de0508ebd4881954a69e1bf5
Author: Augusto Mauch <augusto.mauch@openbravo.com>
Date: 31-05-2022 10:40:02
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/commit/7a48b1f77beb9585de0508ebd4881954a69e1bf5 [^]

Fixes ISSUE-48560: Executes npm audit fix to fix vulnerabilities

---
M web-jspack/org.openbravo.core2/package-lock.json
---
(0137890)
hgbot   
2022-05-31 12:06   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^]