[FOLIO-1182] Handle GitHub-identified security vulnerability for `marked` in mod-inventory Created: 09/Apr/18 Updated: 12/Nov/18 Resolved: 10/Apr/18 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | P3 |
| Reporter: | Peter Murray | Assignee: | David Crossley |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | 15 minutes | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||
| Sprint: | |||||||||
| Description |
|
Known moderate severity security vulnerability detected in marked < 0.3.9 defined in package-lock.json. package-lock.json update suggested: marked ~> 0.3.9. Always verify the validity and compatibility of suggestions with your codebase. |
| Comments |
| Comment by Peter Murray [ 09/Apr/18 ] |
|
Marc Johnson and Cate Boerema and Filip Jakobsen – FYI. I don't know if we have a process to handle this (yet). |
| Comment by David Crossley [ 10/Apr/18 ] |
|
Added new script in pull/46 Removed old package.json etc. which also fixes the security warning. |