Snyk reported vulnerabilities #459

mihaidma · 2018-02-15T09:18:10Z

Investigate and fix the Snyk reported vulnerabilities: https://snyk.io/test/github/nearform/udaru?severity=high&severity=medium&severity=low

mcollina · 2018-02-15T09:24:33Z

The fix for this would be to migrate to Hapi v17. I would actually wait for this hapijs/hoek#230 to be solved.

mihaidma · 2018-02-15T10:01:03Z

Thank you for the input, yes upgrading to v17 is not an option right now.

cianfoley-nearform · 2018-02-15T17:14:36Z

I updated lodash in my last pull request, it should sort the second Snyk issue :-)

mcollina · 2018-02-15T17:15:28Z

First one is resolved, Snyk would be updated shortly, last Hoek in the 4.x.x line solves the issue.

cianfoley-nearform · 2018-02-26T13:04:41Z

pbac updated too, in pull request... only issue here is the context stuff that @dberesford mentioned, tests seem to be passing, but we will need to investigate usage of context with variables, it might be that we're not handling correctly or testing scenarios

mihaidma assigned cianfoley-nearform Feb 15, 2018

dberesford added this to backlog in Udaru Mar 8, 2018

dberesford closed this as completed Mar 8, 2018

dberesford removed this from backlog in Udaru Mar 8, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Snyk reported vulnerabilities #459

Snyk reported vulnerabilities #459

mihaidma commented Feb 15, 2018

mcollina commented Feb 15, 2018

mihaidma commented Feb 15, 2018

cianfoley-nearform commented Feb 15, 2018

mcollina commented Feb 15, 2018 •

edited

cianfoley-nearform commented Feb 26, 2018

Snyk reported vulnerabilities #459

Snyk reported vulnerabilities #459

Comments

mihaidma commented Feb 15, 2018

mcollina commented Feb 15, 2018

mihaidma commented Feb 15, 2018

cianfoley-nearform commented Feb 15, 2018

mcollina commented Feb 15, 2018 • edited

cianfoley-nearform commented Feb 26, 2018

mcollina commented Feb 15, 2018 •

edited