Skip to content
This repository has been archived by the owner on Sep 16, 2019. It is now read-only.

vulnerabilities fixed #1354

Merged
merged 1 commit into from Jan 24, 2019
Merged

vulnerabilities fixed #1354

merged 1 commit into from Jan 24, 2019

Conversation

derweili
Copy link
Collaborator

Two vulnerabilities in sub packages of gulp-sass fixed.
package: sshpk
Path: gulp-sass > node-sass > request > http-signature > sshpk

                       === npm audit security report ===

# Run  npm update sshpk --depth 6  to resolve 2 vulnerabilities
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ sshpk                                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp-sass [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp-sass > node-sass > node-gyp > request > http-signature  │
│               │ > sshpk                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/606                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ sshpk                                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp-sass [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp-sass > node-sass > request > http-signature > sshpk     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/606                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

@derweili
vulnerabilities fixed
6cfa2e0 
Two vulnerabilities in sub packages of gulp-sass fixed.
package sshpk
Path gulp-sass > node-sass > request > http-signature > sshpk
@derweili derweili merged commit e0f5628 into master Jan 24, 2019
@derweili derweili deleted the npm-audit branch January 24, 2019 08:01
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@derweili