Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | ||||||||
0051128 | ||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
defect | [Openbravo ERP] Z. Others | major | have not tried | 2022-12-13 13:29 | 2023-01-02 16:10 | |||
Reporter | shuehner | View Status | public | |||||
Assigned To | AugustoMauch | |||||||
Priority | normal | Resolution | fixed | Fixed in Version | ||||
Status | closed | Fix in branch | Fixed in SCM revision | |||||
Projection | none | ETA | none | Target Version | ||||
OS | Any | Database | Any | Java version | ||||
OS Version | Database version | Ant version | ||||||
Product Version | SCM revision | |||||||
Review Assigned To | ||||||||
Web browser | ||||||||
Modules | Core | |||||||
Regression level | ||||||||
Regression date | ||||||||
Regression introduced in release | ||||||||
Regression introduced by commit | ||||||||
Triggers an Emergency Pack | No | |||||||
Summary | 0051128: org.openbravo.service.jsexecutor: Update package-lock.json to fix npm audit issues | |||||||
Description | npm audit reports problems which should be fixed by updating versions in the package-lock.json 5 vulnerabilities (4 high, 1 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force | |||||||
Steps To Reproduce | npm audit | |||||||
Tags | No tags attached. | |||||||
Attached Files | ||||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | |
Notes | |
(0144593) shuehner (administrator) 2022-12-13 13:33 |
One of the items "properties-reader" required manual update of package.json for semver bump from 0.3 to 2.2 fix available via `npm audit fix --force` Will install properties-reader@2.2.0, which is a breaking change |
(0145120) hgbot (developer) 2023-01-02 12:51 |
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.service.jsexecutor/-/merge_requests/8 [^] |
(0145124) hgbot (developer) 2023-01-02 16:10 |
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.service.jsexecutor/-/merge_requests/8 [^] |
(0145125) hgbot (developer) 2023-01-02 16:10 |
Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.service.jsexecutor [^] Changeset: 03ef21baf7cf6f4b44e4da51a82bc21f4eb83673 Author: Augusto Mauch <augusto.mauch@openbravo.com> Date: 02-01-2023 12:51:19 URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.service.jsexecutor/-/commit/03ef21baf7cf6f4b44e4da51a82bc21f4eb83673 [^] Fixes ISSUE-51128: Fixes vulnerabilities by running npm audit Two of the vulnerabilities were fixed by running npm audit respecting the current semver. The minimum required version of properties-reader was increased from 0.3.1 to 2.2.0, but none of the breaking changes affects us, that library is used to read the contents of the Openbravo.properties file and it is still reading them properly --- M src-test/js/package-lock.json M src-test/js/package.json --- |
Issue History | |||
Date Modified | Username | Field | Change |
2022-12-13 13:29 | shuehner | New Issue | |
2022-12-13 13:29 | shuehner | Assigned To | => Triage Omni OMS |
2022-12-13 13:29 | shuehner | Modules | => Core |
2022-12-13 13:29 | shuehner | Triggers an Emergency Pack | => No |
2022-12-13 13:30 | shuehner | Assigned To | Triage Omni OMS => Triage Platform Base |
2022-12-13 13:33 | shuehner | Note Added: 0144593 | |
2023-01-02 12:51 | hgbot | Note Added: 0145120 | |
2023-01-02 12:52 | AugustoMauch | Assigned To | Triage Platform Base => AugustoMauch |
2023-01-02 12:52 | AugustoMauch | Status | new => scheduled |
2023-01-02 16:10 | hgbot | Note Added: 0145124 | |
2023-01-02 16:10 | hgbot | Resolution | open => fixed |
2023-01-02 16:10 | hgbot | Status | scheduled => closed |
2023-01-02 16:10 | hgbot | Note Added: 0145125 |
Copyright © 2000 - 2009 MantisBT Group |