Skip to content
This repository has been archived by the owner on Jul 3, 2019. It is now read-only.

Upgrade ssri due to security vulnerability #124

Closed
hulkish opened this issue Feb 28, 2018 · 2 comments
Closed

Upgrade ssri due to security vulnerability #124

hulkish opened this issue Feb 28, 2018 · 2 comments

Comments

@hulkish
Copy link

hulkish commented Feb 28, 2018
edited

https://nodesecurity.io/advisories/565
@FrailWords FrailWords mentioned this issue Feb 28, 2018
Closed
@zkat
Copy link
Owner

zkat commented Feb 28, 2018

wanna send me a PR for this?

I wanna note, for the record: This security issue DOES NOT affect cacache in any way. cacache does not use ssri's strict-mode, so it never hits that regex, so there's no rush to this. :)

@EmilNordling EmilNordling mentioned this issue Mar 8, 2018
Closed
coin8086 added a commit to Azure/hpcpack-acm that referenced this issue Apr 18, 2018
@coin8086
Upgrade npm packages for security vulnerabilities:
5d49aa8 
1) moment/moment 2.18.1, see chartjs/Chart.js#5024
2) zkat/ssri 5.0.0, see zkat/cacache#124
@nothingismagick
Copy link

Looks like this has been resolved.
208b7bd#diff-b9cfc7f2cdf78a7f4b91a753d10865a2

@zkat zkat closed this as completed May 28, 2018
coin8086 added a commit to Azure/hpcpack-acm-portal that referenced this issue Mar 12, 2019
@coin8086
Upgrade npm packages for security vulnerabilities:
31a457e 
1) moment/moment 2.18.1, see chartjs/Chart.js#5024
2) zkat/ssri 5.0.0, see zkat/cacache#124
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zkat @hulkish @nothingismagick