Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix the npm audit security warning. #6393

Closed
jansiegel opened this issue Oct 28, 2019 · 5 comments
Closed

Fix the npm audit security warning. #6393

jansiegel opened this issue Oct 28, 2019 · 5 comments
Assignees
Milestone

Comments

@jansiegel
Copy link
Member

@jansiegel jansiegel commented Oct 28, 2019

Description

There's an npm audit security warning on the current master/develop that needs to be addressed.

                       === npm audit security report ===                        
                                                                                
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Machine-In-The-Middle                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ https-proxy-agent                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ puppeteer [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ puppeteer > https-proxy-agent                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1184                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
@jansiegel jansiegel self-assigned this Oct 28, 2019
jansiegel added a commit that referenced this issue Oct 28, 2019
…ecurity warning. #6393
jansiegel added a commit that referenced this issue Oct 28, 2019
…udit's security warning. #6393"

This reverts commit 190b97c.
jansiegel added a commit that referenced this issue Oct 28, 2019
jansiegel added a commit that referenced this issue Oct 28, 2019
#6394)

* Update `puppeteer` in the devDependencies to get rid of npm audit's security warning. #6393

* Revert "Update `puppeteer` in the devDependencies to get rid of npm audit's security warning. #6393"

This reverts commit 190b97c.

* Update just puppeteer and https-proxy-agent. #6393
@jansiegel jansiegel added this to the October 2019 milestone Nov 4, 2019
jansiegel added a commit that referenced this issue Nov 4, 2019
#6394)

* Update `puppeteer` in the devDependencies to get rid of npm audit's security warning. #6393

* Revert "Update `puppeteer` in the devDependencies to get rid of npm audit's security warning. #6393"

This reverts commit 190b97c.

* Update just puppeteer and https-proxy-agent. #6393
@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Nov 14, 2019

On tested 7.3.0 v. this message is fixed, the is no npm audit in console anymore.
Screenshot 2019-11-15 at 19 28 00

@jansiegel I received this messege after npm i on updated branch release/7.3.0

@jansiegel

This comment has been minimized.

Copy link
Member Author

@jansiegel jansiegel commented Nov 18, 2019

@aninde Thanks for the info, I updated package-lock.json with a fix.

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Dec 9, 2019

Still fixed, there is no npm audit fix after installing Handsontable.

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Dec 11, 2019

@jansiegel I don't know why, but today the audit report has appeared again.

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Dec 12, 2019

There is no npm audit security warning, when I install Handsontable on branch release/7.3.0 by npm i.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.