Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0047411
TypeCategorySeverityReproducibilityDate SubmittedLast Update
design defect[POS2] Coreminorhave not tried2021-07-19 12:592024-01-09 07:35
ReporteralostaleView Statuspublic 
Assigned ToTriage Platform Base 
PrioritynormalResolutionout of dateFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0047411: npm audit reports issues for CRA

DescriptionWhen npm audit is executed, some issues are reported for CRA dependencies.

Transitory dependencies with those issues cannot be easily updated (without ejecting CRA) and it seems CRA's team is not planning to get those fixed claiming they are not exploitable [1].

[1] https://github.com/facebook/create-react-app/issues/11174 [^]
Steps To ReproduceRun npm audit in core2:

$ npm audit --production
...
found 8 vulnerabilities (6 moderate, 2 high) in 2010 scanned packages
  run `npm audit fix` to fix 2 of them.
  1 vulnerability requires semver-major dependency updates.
  5 vulnerabilities require manual review. See the full report for details.

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
duplicate of defect 0053862 closedablasco Update all npm libraries to their latest version RM-9106 
related to defect 0046777 closedplatform Update package-lock.json to fix npm audit issues 
related to design defect 0047415 closedTriage Platform Base npm audit reports issues for Storybook 
related to defect 0047535 closedplatform Update package-lock.json to fix npm audit issues 

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2021-07-19 12:59 alostale New Issue
2021-07-19 12:59 alostale Assigned To => Retail
2021-07-19 12:59 alostale Triggers an Emergency Pack => No
2021-07-19 12:59 alostale Relationship added related to 0046777
2021-07-19 13:00 alostale Description Updated View Revisions
2021-07-20 07:00 alostale Steps to Reproduce Updated View Revisions
2021-07-20 07:04 alostale Relationship added related to 0047415
2021-08-11 16:26 shuehner Relationship added related to 0047535
2021-10-18 11:26 guilleaer Assigned To Retail => platform
2021-10-18 11:26 guilleaer Status new => acknowledged
2022-02-01 08:07 alostale Assigned To platform => Triage Platform Base
2024-01-09 07:35 alostale Relationship added duplicate of 0053862
2024-01-09 07:35 alostale Status acknowledged => scheduled
2024-01-09 07:35 alostale Status scheduled => closed
2024-01-09 07:35 alostale Resolution open => out of date


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker