Anonymous | Login
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
TypeCategorySeverityReproducibilityDate SubmittedLast Update
design defect[POS2] Coreminorhave not tried2021-07-19 12:592021-10-18 11:26
ReporteralostaleView Statuspublic 
Assigned Toplatform 
PrioritynormalResolutionopenFixed in Version
StatusacknowledgedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo

0047411: npm audit reports issues for CRA

DescriptionWhen npm audit is executed, some issues are reported for CRA dependencies.

Transitory dependencies with those issues cannot be easily updated (without ejecting CRA) and it seems CRA's team is not planning to get those fixed claiming they are not exploitable [1].

[1] [^]
Steps To ReproduceRun npm audit in core2:

$ npm audit --production
found 8 vulnerabilities (6 moderate, 2 high) in 2010 scanned packages
  run `npm audit fix` to fix 2 of them.
  1 vulnerability requires semver-major dependency updates.
  5 vulnerabilities require manual review. See the full report for details.

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0046777 closedplatform Update package-lock.json to fix npm audit issues 
related to design defect 0047415 acknowledgedplatform npm audit reports issues for Storybook 
related to defect 0047535 acknowledgedplatform Update package-lock.json to fix npm audit issues 

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2021-07-19 12:59 alostale New Issue
2021-07-19 12:59 alostale Assigned To => Retail
2021-07-19 12:59 alostale Triggers an Emergency Pack => No
2021-07-19 12:59 alostale Relationship added related to 0046777
2021-07-19 13:00 alostale Description Updated View Revisions
2021-07-20 07:00 alostale Steps to Reproduce Updated View Revisions
2021-07-20 07:04 alostale Relationship added related to 0047415
2021-08-11 16:26 shuehner Relationship added related to 0047535
2021-10-18 11:26 guilleaer Assigned To Retail => platform
2021-10-18 11:26 guilleaer Status new => acknowledged

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker