Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0042957
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajorhave not tried2020-01-21 18:342020-01-28 13:22
ReportershuehnerView Statuspublic 
Assigned Tojarmendariz 
PriorityurgentResolutionfixedFixed in Version3.0PR20Q2
StatusclosedFix in branchFixed in SCM revisionc5ff57ca6732
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Toalostale
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0042957: Update package-lock.json to fix npm-reported vulnerabilities

DescriptionUsing npm install as necessary step for the jslint & formatter tools in pi shows following warning:
found 12 high severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details

Cause is having package-lock.json fixing some npm packages to older versions still having those issues.

package-lock.json should be updated to pull in latest versions version of the dependencies.
Steps To ReproduceUse npm install in a clone of pi and review output
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0043705 closedplatform Fix security issues in npm dependencies 

-  Notes
(0117235)
jarmendariz (developer)
2020-01-24 13:35

Repository: erp/devel/pi
Changeset: c5ff57ca6732
Author: Javier Armendáriz <javier.armendariz <at> openbravo.com>
Date: Thu Jan 24 08:55:59 2020 +0100
URL: https://code.openbravo.com/erp/devel/pi/rev/c5ff57ca6732 [^] [^]

FIX-42957: Update package-lock to fix npm vulnerabilities.

---
M modules/org.openbravo.client.kernel/jsutils/check-npm-deps
M package-lock.json
---

- Issue History
Date Modified Username Field Change
2020-01-21 18:34 shuehner New Issue
2020-01-21 18:34 shuehner Assigned To => platform
2020-01-21 18:34 shuehner Modules => Core
2020-01-21 18:34 shuehner Triggers an Emergency Pack => No
2020-01-24 08:50 jarmendariz Assigned To platform => jarmendariz
2020-01-24 08:51 jarmendariz Status new => scheduled
2020-01-24 13:35 jarmendariz Note Added: 0117235
2020-01-24 13:35 jarmendariz Status scheduled => resolved
2020-01-24 13:35 jarmendariz Fixed in Version => 3.0PR20Q2
2020-01-24 13:35 jarmendariz Fixed in SCM revision => c5ff57ca6732
2020-01-24 13:35 jarmendariz Resolution open => fixed
2020-01-28 13:22 alostale Review Assigned To => alostale
2020-01-28 13:22 alostale Status resolved => closed
2020-04-08 10:58 jarmendariz Relationship added related to 0043705


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker