Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | ||||||||
0048560 | ||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
defect | [Openbravo ERP] A. Platform | major | have not tried | 2022-02-09 00:00 | 2022-05-31 12:06 | |||
Reporter | AugustoMauch | View Status | public | |||||
Assigned To | ablasco | |||||||
Priority | normal | Resolution | fixed | Fixed in Version | ||||
Status | closed | Fix in branch | Fixed in SCM revision | |||||
Projection | none | ETA | none | Target Version | ||||
OS | Any | Database | Any | Java version | ||||
OS Version | Database version | Ant version | ||||||
Product Version | SCM revision | |||||||
Review Assigned To | ||||||||
Web browser | ||||||||
Modules | Core | |||||||
Regression level | ||||||||
Regression date | ||||||||
Regression introduced in release | ||||||||
Regression introduced by commit | ||||||||
Triggers an Emergency Pack | No | |||||||
Summary | 0048560: core2: Update package-lock.json to fix npm audit issues | |||||||
Description | npm audit reports problems which should be fixed by updating versions in the package-lock.json found 75 vulnerabilities (2 low, 21 moderate, 48 high, 4 critical) in 2952 scanned packages run `npm audit fix` to fix 53 of them. | |||||||
Steps To Reproduce | run "npm audit" in source.path | |||||||
Proposed Solution | Run npm audit fix two (!) times - one execution alone does not fix all issues which it could fix - 2nd execution adds more fixes - A 3rd execution does not reduce number of audit issues found so is not necessary | |||||||
Tags | No tags attached. | |||||||
Attached Files | ||||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | |
Notes | |
(0134839) hgbot (developer) 2022-02-09 00:08 |
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^] |
(0136104) shuehner (administrator) 2022-03-28 17:22 |
As usual MR should check for added packages & their licenses (if compatible) |
(0136105) hgbot (developer) 2022-03-28 17:22 |
Merge request closed: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^] |
(0136107) shuehner (administrator) 2022-03-28 17:23 |
Closed old MR as it was over a month old and npm packages & version change very frequently. |
(0137536) hgbot (developer) 2022-05-19 13:48 |
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^] |
(0137889) hgbot (developer) 2022-05-31 12:06 |
Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2 [^] Changeset: 7a48b1f77beb9585de0508ebd4881954a69e1bf5 Author: Augusto Mauch <augusto.mauch@openbravo.com> Date: 31-05-2022 10:40:02 URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/commit/7a48b1f77beb9585de0508ebd4881954a69e1bf5 [^] Fixes ISSUE-48560: Executes npm audit fix to fix vulnerabilities --- M web-jspack/org.openbravo.core2/package-lock.json --- |
(0137890) hgbot (developer) 2022-05-31 12:06 |
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^] |
Issue History | |||
Date Modified | Username | Field | Change |
2022-02-09 00:00 | AugustoMauch | New Issue | |
2022-02-09 00:00 | AugustoMauch | Assigned To | => Triage Platform Base |
2022-02-09 00:00 | AugustoMauch | Modules | => Core |
2022-02-09 00:00 | AugustoMauch | Triggers an Emergency Pack | => No |
2022-02-09 00:00 | AugustoMauch | Issue generated from | 0048346 |
2022-02-09 00:08 | hgbot | Note Added: 0134839 | |
2022-02-09 00:10 | AugustoMauch | Status | new => scheduled |
2022-03-28 15:24 | shuehner | Issue cloned | 0048913 |
2022-03-28 17:22 | shuehner | Note Added: 0136104 | |
2022-03-28 17:22 | shuehner | Description Updated | View Revisions |
2022-03-28 17:22 | shuehner | Proposed Solution updated | |
2022-03-28 17:22 | hgbot | Note Added: 0136105 | |
2022-03-28 17:23 | shuehner | Note Added: 0136107 | |
2022-05-16 11:02 | AugustoMauch | Assigned To | Triage Platform Base => ablasco |
2022-05-19 13:48 | hgbot | Note Added: 0137536 | |
2022-05-31 12:06 | hgbot | Resolution | open => fixed |
2022-05-31 12:06 | hgbot | Status | scheduled => closed |
2022-05-31 12:06 | hgbot | Note Added: 0137889 | |
2022-05-31 12:06 | hgbot | Note Added: 0137890 |
Copyright © 2000 - 2009 MantisBT Group |