Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerabilities in dependencies #2056

Closed
NetOpWibby opened this issue Oct 25, 2018 · 2 comments
Closed

Vulnerabilities in dependencies #2056

NetOpWibby opened this issue Oct 25, 2018 · 2 comments
Assignees
@neb-b
Labels
area: security
Milestone
Nov 12th (Desktop)

Comments

@NetOpWibby
Copy link
Contributor

NetOpWibby commented Oct 25, 2018
edited by neb-b

This issue doesn't apply to the git issue format.

Critical Vulnerabilities

High Vulnerabilities

Low Vulnerabilities

These modules have not been updated in quite some time and probably will not be. I think fs-path can be replaced via the now built-in recursive directory creation in recent versions of Node.js.

I'm not sure if the mammoth module is still necesssary.
@alyssaoc alyssaoc added area: security priority: high Work needs to be moved into sprint ASAP labels Oct 29, 2018
@alyssaoc alyssaoc added this to the Nov 12th (Desktop) milestone Oct 30, 2018
@neb-b
Copy link

neb-b commented Nov 7, 2018
edited

Removed fs-path (we weren't using it)

Mammoth will be resolved when it releases a new version. mwilliamson/mammoth.js#179

For filewatcher-webpack-plugin i'm not sure what to do. It's an old module with no support. @skhameneh Any ideas or alternatives?

@neb-b
Copy link

neb-b commented Nov 7, 2018
edited

It is a dev dependency, so I think it's ok?

@neb-b neb-b removed the priority: high Work needs to be moved into sprint ASAP label Nov 7, 2018
@neb-b neb-b closed this as completed Nov 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@neb-b neb-b

Labels
area: security
Projects
None yet
Milestone
Nov 12th (Desktop)
Development

No branches or pull requests
3 participants
@NetOpWibby @neb-b @alyssaoc