Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0046777
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[POS2] Coremajorhave not tried2021-05-21 10:292021-07-16 11:28
ReportershuehnerView Statuspublic 
Assigned Toplatform 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0046777: Update package-lock.json to fix npm audit issues

Descriptionnpm audit reports problems which should be fixed by updating versions in the package-lock.json

found 7201 vulnerabilities (267 moderate, 6934 high) in 2679 scanned packages
  run `npm audit fix` to fix 7109 of them.
  2 vulnerabilities require semver-major dependency updates.
  90 vulnerabilities require manual review. See the full report for details.

Grouping them to causing package:
$ npm audit | grep 'Package' | sort | uniq -c
     30 │ Package │ browserslist
      5 │ Package │ css-what
      1 │ Package │ dns-packet
     26 │ Package │ glob-parent
     88 │ Package │ hosted-git-info
   6916 │ Package │ lodash
    102 │ Package │ postcss
     10 │ Package │ prismjs
      8 │ Package │ ssri
      2 │ Package │ url-parse
     13 │ Package │ ws
Steps To Reproducecd modules/org.openbravo.core2/web-jspack/org.openbravo.core2
npm audit
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0046775PR21Q3 closedAugustoMauch Openbravo ERP Update package-lock.json to fix npm audit issues 
related to design defect 0047411 acknowledgedplatform POS2 npm audit reports issues for CRA 
related to design defect 0047415 acknowledgedplatform POS2 npm audit reports issues for Storybook 

-  Notes
(0128685)
guilleaer (manager)
2021-05-26 17:19

would make sense to do with same person as 46775 (for platform backoffice)
(0130482)
shuehner (administrator)
2021-07-14 18:01

Updating list of packages to update as of 2021-07-14
(0130508)
hgbot (developer)
2021-07-15 12:57

Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/596 [^]
(0130533)
hgbot (developer)
2021-07-16 11:28

Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2 [^]
Changeset: 80e72534ec30f8f8f3050f8309a958352535bfd2
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-07-16T09:28:05+00:00
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/commit/80e72534ec30f8f8f3050f8309a958352535bfd2 [^]

fixes ISSUE-46777: updates to fix npm audit

On top of automatic `npm audit fix` updates, the following libraries
have also been updated:

* react: 17.0.1 -> 17.0.2
* react-scripts: 4.0.0 -> 4.0.3

---
M web-jspack/org.openbravo.core2/package-lock.json
M web-jspack/org.openbravo.core2/package.json
---
(0130534)
hgbot (developer)
2021-07-16 11:28

Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/596 [^]

- Issue History
Date Modified Username Field Change
2021-05-21 10:29 shuehner New Issue
2021-05-21 10:29 shuehner Assigned To => Retail
2021-05-21 10:29 shuehner Triggers an Emergency Pack => No
2021-05-21 18:20 guilleaer Assigned To Retail => platform
2021-05-21 18:20 guilleaer Status new => acknowledged
2021-05-21 18:21 guilleaer Resolution time => 1626818400
2021-05-21 18:21 guilleaer Resolution time 1626818400 => 1625522400
2021-05-26 17:11 shuehner Status acknowledged => scheduled
2021-05-26 17:12 shuehner Resolution time 1625522400 =>
2021-05-26 17:13 shuehner Severity minor => major
2021-05-26 17:18 guilleaer Resolution time => 1623794400
2021-05-26 17:19 guilleaer Relationship added related to 0046775
2021-05-26 17:19 guilleaer Note Added: 0128685
2021-06-22 11:32 shuehner Resolution time 1623794400 => 1627509600
2021-07-14 18:01 shuehner Note Added: 0130482
2021-07-14 18:01 shuehner Description Updated View Revisions
2021-07-15 12:57 hgbot Note Added: 0130508
2021-07-16 11:28 hgbot Resolution open => fixed
2021-07-16 11:28 hgbot Status scheduled => closed
2021-07-16 11:28 hgbot Note Added: 0130533
2021-07-16 11:28 hgbot Note Added: 0130534
2021-07-19 12:59 alostale Relationship added related to 0047411
2021-07-20 07:04 alostale Relationship added related to 0047415


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker