Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0048560
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajorhave not tried2022-02-09 00:002022-05-31 12:06
ReporterAugustoMauchView Statuspublic 
Assigned Toablasco 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0048560: core2: Update package-lock.json to fix npm audit issues

Descriptionnpm audit reports problems which should be fixed by updating versions in the package-lock.json

found 75 vulnerabilities (2 low, 21 moderate, 48 high, 4 critical) in 2952 scanned packages
  run `npm audit fix` to fix 53 of them.
Steps To Reproducerun "npm audit" in source.path
Proposed SolutionRun npm audit fix two (!) times
- one execution alone does not fix all issues which it could fix
- 2nd execution adds more fixes
- A 3rd execution does not reduce number of audit issues found so is not necessary

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0134839)
hgbot (developer)
2022-02-09 00:08

 Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^]
(0136104)
shuehner (administrator)
2022-03-28 17:22

 As usual MR should check for added packages & their licenses (if compatible)
(0136105)
hgbot (developer)
2022-03-28 17:22

 Merge request closed: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/701 [^]
(0136107)
shuehner (administrator)
2022-03-28 17:23

 Closed old MR as it was over a month old and npm packages & version change very frequently.
(0137536)
hgbot (developer)
2022-05-19 13:48

 Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^]
(0137889)
hgbot (developer)
2022-05-31 12:06

 Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2 [^]
Changeset: 7a48b1f77beb9585de0508ebd4881954a69e1bf5
Author: Augusto Mauch <augusto.mauch@openbravo.com>
Date: 31-05-2022 10:40:02
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/commit/7a48b1f77beb9585de0508ebd4881954a69e1bf5 [^]

Fixes ISSUE-48560: Executes npm audit fix to fix vulnerabilities

---
M web-jspack/org.openbravo.core2/package-lock.json
---
(0137890)
hgbot (developer)
2022-05-31 12:06

 Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/753 [^]

- Issue History
Date Modified Username Field Change
2022-02-09 00:00 AugustoMauch New Issue
2022-02-09 00:00 AugustoMauch Assigned To => Triage Platform Base
2022-02-09 00:00 AugustoMauch Modules => Core
2022-02-09 00:00 AugustoMauch Triggers an Emergency Pack => No
2022-02-09 00:00 AugustoMauch Issue generated from 0048346
2022-02-09 00:08 hgbot Note Added: 0134839
2022-02-09 00:10 AugustoMauch Status new => scheduled
2022-03-28 15:24 shuehner Issue cloned 0048913
2022-03-28 17:22 shuehner Note Added: 0136104
2022-03-28 17:22 shuehner Description Updated View Revisions
2022-03-28 17:22 shuehner Proposed Solution updated
2022-03-28 17:22 hgbot Note Added: 0136105
2022-03-28 17:23 shuehner Note Added: 0136107
2022-05-16 11:02 AugustoMauch Assigned To Triage Platform Base => ablasco
2022-05-19 13:48 hgbot Note Added: 0137536
2022-05-31 12:06 hgbot Resolution open => fixed
2022-05-31 12:06 hgbot Status scheduled => closed
2022-05-31 12:06 hgbot Note Added: 0137889
2022-05-31 12:06 hgbot Note Added: 0137890

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker