Skip to content
This repository has been archived by the owner on Aug 26, 2020. It is now read-only.

Security alert for development dependencies acorn and minimist via eslint #210

Closed
2 tasks done
jhackshaw-dds opened this issue Mar 16, 2020 · 1 comment · Fixed by #309
Closed
2 tasks done

Security alert for development dependencies acorn and minimist via eslint #210

jhackshaw-dds opened this issue Mar 16, 2020 · 1 comment · Fixed by #309
Assignees
@jhackshaw-dds @vcastro-DDS
Labels
dependencies Dependency version control
Projects
Mon Cala

Comments

@jhackshaw-dds
Copy link
Contributor

Thanks for submitting an issue! Below are a few things you can do to help us more quickly address the issue.

Checklist

I have…

  • described in detail below both the behavior I expected and the behavior I observed.
  • thoroughly outlined below the steps to reproduce this issue, including relevant technical details (e.g. device, operating system, browser, browser version).
    [ ] attached screenshots illustrating relevant behavior.

Expected Behavior

N/A

Observed Behavior

Github has identified acorn and minimist as outdated dependencies that were installed due to eslint. The dependencies are only used in linting for development and CI.

Steps to Reproduce

To reproduce this issue…
N/A

Screenshots

N/A
@jhackshaw-dds jhackshaw-dds added the dependencies Dependency version control label Mar 16, 2020
@jhackshaw-dds jhackshaw-dds self-assigned this Mar 16, 2020
@jhackshaw-dds jhackshaw-dds added this to To do in Mon Cala via automation Mar 16, 2020
@vcastro-DDS vcastro-DDS mentioned this issue Mar 16, 2020
Closed
2 tasks
@vcastro-DDS vcastro-DDS self-assigned this Mar 16, 2020
@vcastro-DDS
Copy link
Contributor

Minimist appears to be a dependency of eslint, fsevents, and other packages which have been flagged as a vulnerability. We will attempt to bump the version one some of the updates are pushed in those packages. Refer to the following GitHub issue:
eslint/eslint#13050

@jhackshaw-dds jhackshaw-dds mentioned this issue Apr 7, 2020
Merged
2 tasks
@jhackshaw-dds jhackshaw-dds moved this from To do to Review in progress in Mon Cala Apr 7, 2020
Mon Cala automation moved this from Review in progress to Done Apr 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@jhackshaw-dds jhackshaw-dds

@vcastro-DDS vcastro-DDS

Labels
dependencies Dependency version control
Projects
Mon Cala
  
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

bump frontend dependencies in response to snyk/google dependency alert deptofdefense/solo
2 participants
@jhackshaw-dds @vcastro-DDS