Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability in dependency "moment" #931

Closed
DirkBaumannDXC opened this issue Apr 22, 2022 · 1 comment · Fixed by #940
Closed

Vulnerability in dependency "moment" #931

DirkBaumannDXC opened this issue Apr 22, 2022 · 1 comment · Fixed by #940
Assignees
@Jialecl @aidamag
Labels
epic library patch
Milestone
22.2

Comments

@DirkBaumannDXC
Copy link

There was a "high severity" vulnerability reported for the dependency "moment".
See: GHSA-8hfj-j24r-96c4 or https://security.snyk.io/vuln/SNYK-JS-MOMENT-2440688

The version currently specified in the package.json is "2.24.0".

Please update to a patched version (version 2.29.2 or higher).
@jsardid jsardid added this to the 22.2 milestone Apr 22, 2022
@jsardid
Copy link
Member

jsardid commented Apr 22, 2022

Thanks @DirkBaumannDXC, we'll take this one on priority,

@jsardid jsardid added the epic label Apr 25, 2022
@Jialecl Jialecl linked a pull request Apr 27, 2022 that will close this issue
[Patch]Replacing Moment with Dayjs #940
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jialecl Jialecl

@aidamag aidamag

Labels
epic library patch
Projects
Halstack Design System
Status: Done
Milestone
22.2
Development

Successfully merging a pull request may close this issue.

[Patch]Replacing Moment with Dayjs dxc-technology/halstack-react
4 participants
@jsardid @Jialecl @aidamag @DirkBaumannDXC