Anonymous | Login

Project:

News | My View | View Issues | Roadmap | Summary

View Issue Details[ Jump to Notes ]

[ Issue History ] [ Print ]

ID

0046775

Type

Category

Severity

Reproducibility

Date Submitted

Last Update

defect

[Openbravo ERP] A. Platform

major

have not tried

2021-05-21 10:13

2021-06-30 15:41

Reporter

shuehner

View Status

public

Assigned To

AugustoMauch

Priority

normal

Resolution

fixed

Fixed in Version

PR21Q3

Status

closed

Fix in branch

Fixed in SCM revision

Projection

none

ETA

none

Target Version

PR21Q3

OS

Any

Database

Any

Java version

OS Version

Database version

Ant version

Product Version

SCM revision

Review Assigned To

Web browser

Modules

Core

Regression level

Regression date

Regression introduced in release

Regression introduced by commit

Triggers an Emergency Pack

No

Summary

0046775: Update package-lock.json to fix npm audit issues

Description

npm audit reports problems which should be fixed by updating versions in the package-lock.json

found 4103 vulnerabilities (1 low, 68 moderate, 4034 high) in 921 scanned packages
  run `npm audit fix` to fix 4103 of them.

Grouping them to causing package:
$ npm audit | grep 'Package' | sort | uniq -c
     68 │ Package │ hosted-git-info
   4034 │ Package │ lodash
      1 │ Package │ xmldom

Steps To Reproduce

run "npm audit" in source.path

Tags

No tags attached.

Relationships [ Relation Graph ] [ Dependency Graph ]

related to

defect

closed

POS2

Update package-lock.json to fix npm audit issues

Notes
(0129960) hgbot (developer) 2021-06-29 17:13	Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/410 [^]

(0130025) hgbot (developer) 2021-06-30 15:41	Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/410 [^]

(0130026) hgbot (developer) 2021-06-30 15:41	Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/openbravo [^] Changeset: a7f9231b35a7d352f5c8965881365d3c390e2b73 Author: Augusto Mauch <augusto.mauch@openbravo.com> Date: 2021-06-30T13:41:18+00:00 URL: https://gitlab.com/openbravo/product/openbravo/-/commit/a7f9231b35a7d352f5c8965881365d3c390e2b73 [^] Fixes ISSUE-46775: Update package-lock and package-lock.json to fix npm audit issues Updated dependencies: browserslist: 4.16.1 -> 4.16.6 caniuse-lite: 1.0.30001177 -> 1.0.30001241 colorette: 1.2.1 -> 1.2.2 electron-to-chromium: 1.3.639 -> 1.3.761 node-releases: 1.1.69 -> 1.1.73 glob-parent: 5.1.1 -> 5.1.2 hosted-git-info: 2.8.8 -> 2.8.9 lodash: 4.17.20 -> 4.17.21 ws: 7.4.2 -> 7.5.1 xmldom: 0.1.31 -> 0.6.0 babel.config.js has been updated to also include the current version of node(the one that executes for example npm test). This is due to some features that were only present in node 15 being used and not available for node 14. --- M babel.config.js M package-lock.json M package.json ---

Issue History
Date Modified	Username	Field	Change
2021-05-21 10:13	shuehner	New Issue
2021-05-21 10:13	shuehner	Assigned To	=> platform
2021-05-21 10:13	shuehner	Modules	=> Core
2021-05-21 10:13	shuehner	Triggers an Emergency Pack	=> No
2021-05-21 10:14	shuehner	Target Version	=> PR21Q3
2021-05-26 17:19	guilleaer	Relationship added	related to 0046777
2021-06-22 09:41	shuehner	Resolution time	=> 1627509600
2021-06-22 09:41	shuehner	Severity	minor => major
2021-06-29 17:11	AugustoMauch	Status	new => scheduled
2021-06-29 17:11	AugustoMauch	Assigned To	platform => AugustoMauch
2021-06-29 17:13	hgbot	Note Added: 0129960
2021-06-30 15:41	hgbot	Resolution	open => fixed
2021-06-30 15:41	hgbot	Status	scheduled => closed
2021-06-30 15:41	hgbot	Note Added: 0130025
2021-06-30 15:41	hgbot	Fixed in Version	=> PR21Q3
2021-06-30 15:41	hgbot	Note Added: 0130026

Copyright © 2000 - 2009 MantisBT Group