Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug][Dashboard] A number of CVEs exist for NPMs exist in dashboard #2461

Closed
1 of 2 tasks
pjfanning opened this issue Feb 10, 2022 · 3 comments · Fixed by #2467
Closed
1 of 2 tasks

[Bug][Dashboard] A number of CVEs exist for NPMs exist in dashboard #2461

pjfanning opened this issue Feb 10, 2022 · 3 comments · Fixed by #2467
Assignees
@leezng
Labels
component/dashboard type/bug Something is wrong
Milestone
1.1.0

Comments

@pjfanning
Copy link
Contributor

pjfanning commented Feb 10, 2022
edited

What happened

I did a dependabot analysis of InLong and have submitted maven fixes but I'm not a UI specialist so haven't attempted to update the NPM modules.

Some of the highest severity issues include (there are many more):

npm audit and npm audit fix can be used

What you expected to happen

n/a

How to reproduce

n/a

Environment

No response

InLong version

master

InLong Component

InLong Dashboard

Are you willing to submit PR?

  • Yes, I am willing to submit a PR!

Code of Conduct
@pjfanning pjfanning added the type/bug Something is wrong label Feb 10, 2022
@dockerzhang dockerzhang added this to the 1.1.0 milestone Feb 11, 2022
@dockerzhang
Copy link
Contributor

@leezng PTAL, thanks.

@gosonzhang
Copy link
Contributor

@pjfanning, thanks, you are professional!

@leezng leezng mentioned this issue Feb 11, 2022
Merged
1 task
@leezng
Copy link
Member

leezng commented Feb 11, 2022

@pjfanning
I try to use npm audit fix to resolve some vulnerabilities. But there are still some that involve breaking changes. Because they are lower-level dependencies of development dependencies, theoretically they will not affect the UI layer.

@healchow healchow changed the title [Bug] a number of CVEs exist for NPMs exist in dashboard [Bug][Dashboard] A number of CVEs exist for NPMs exist in dashboard Jun 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@leezng leezng

Labels
component/dashboard type/bug Something is wrong
Projects
None yet
Milestone
1.1.0
Development

Successfully merging a pull request may close this issue.

[INLONG-2461] Use npm audit fix to resolve some vulnerabilities
5 participants
@pjfanning @leezng @gosonzhang @dockerzhang @healchow