Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0047535
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[POS2] Coremajorhave not tried2021-08-11 16:232021-11-16 15:07
ReportershuehnerView Statuspublic 
Assigned Toplatform 
PrioritynormalResolutionopenFixed in Version
StatusscheduledFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0047535: Update package-lock.json to fix npm audit issues

Descriptionnpm audit reports problems which should be fixed by updating versions in the package-lock.json

found 621 vulnerabilities (607 moderate, 14 high) in 3127 scanned packages
  run `npm audit fix` to fix 584 of them.
  1 vulnerability requires semver-major dependency updates.
  36 vulnerabilities require manual review. See the full report for details.

Grouping them to causing package:
npm audit | grep 'Package' | sort | uniq -c
      4 │ Package │ browserslist => Tracked as (47415 already)
     30 │ Package │ glob-parent => Tracked as (47415 already)
    554 │ Package │ path-parse
     17 │ Package │ ssri
     10 │ Package │ tar
      4 │ Package │ trim
      2 │ Package │ url-parse

Note: Some other issues are tracked as 47411 (and blocked externally). However 47411 is missing list of what is covered exactly.
Steps To Reproducerun "npm audit" in source.path
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to design defect 0047411 acknowledgedplatform POS2 npm audit reports issues for CRA 
related to design defect 0047415 acknowledgedplatform POS2 npm audit reports issues for Storybook 
related to defect 0047534 closedjarmendariz Openbravo ERP Update package-lock.json to fix npm audit issues 

-  Notes
(0133104)
hgbot (developer)
2021-11-16 13:31

Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/666 [^]

- Issue History
Date Modified Username Field Change
2021-08-11 16:23 shuehner New Issue
2021-08-11 16:23 shuehner Assigned To => Retail
2021-08-11 16:23 shuehner Triggers an Emergency Pack => No
2021-08-11 16:25 shuehner Description Updated View Revisions
2021-08-11 16:26 shuehner Relationship added related to 0047411
2021-08-11 16:26 shuehner Relationship added related to 0047415
2021-08-11 16:26 shuehner Relationship added related to 0047534
2021-08-23 09:51 dmiguelez Assigned To Retail => platform
2021-08-23 09:51 dmiguelez Status new => acknowledged
2021-08-23 09:51 dmiguelez Resolution time => 1630879200
2021-11-16 13:31 hgbot Note Added: 0133104
2021-11-16 15:07 AugustoMauch Status acknowledged => scheduled


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker