[UXPROD-2340] Remaining - Security update eslint to >= 6.2.1 or eslint-util >= 1.4.1 Created: 20/Mar/20 Updated: 16/Sep/21 Resolved: 15/Jul/20 |
|
| Status: | Closed |
| Project: | UX Product |
| Components: | None |
| Affects versions: | None |
| Fix versions: | Q2 2020 |
| Type: | New Feature | Priority: | P3 |
| Reporter: | Julian Ladisch | Assignee: | Ryan Berger |
| Resolution: | Done | Votes: | 0 |
| Labels: | NFR, q1-2020-split, security, tech-debt | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Development Team: | Stripes Force | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description |
|
https://github.com/mysticatea/eslint-utils/security/advisories/GHSA-3gx7-xhv7-5mx3 says:
This can be fixed by updating eslint to >= 6.2.1 or updating eslint-util to >= 1.4.1. Some examples which eslint version currently is in use: This should be fixed even if FOLIO is not affected by this issue. Otherwise people get used to ignore the GitHub security warnings and miss relevant security issues. |
| Comments |
| Comment by Khalilah Gambrell [ 15/Jul/20 ] |
|
Peter Murray, Julian Ladisch, and Ryan Berger - Course reserves is the only app not to make this change https://folio-org.atlassian.net/browse/UICR-17. I am going to create a separate feature that covers course reserves and close this one. cc: Kelly Drake and Charlotte Whitt |
| Comment by Peter Murray [ 15/Jul/20 ] |
|
cc: Mike Gorrell |
| Comment by Charlotte Whitt [ 15/Jul/20 ] |
|
thanks Khalilah Gambrell - we'll pick up the work in Q3 2020 |