Commit ebfd4bb4 authored by Ryan Diehl's avatar Ryan Diehl

fix: patch vulnerable packages

parent 748d5cc7
Pipeline #104517 passed with stages
in 9 minutes and 8 seconds
...@@ -90,6 +90,10 @@ ...@@ -90,6 +90,10 @@
"webpack": "^4.18.1", "webpack": "^4.18.1",
"webpack-bundle-analyzer": "^3.3.2" "webpack-bundle-analyzer": "^3.3.2"
}, },
"resolutions": {
"http-proxy": ">=1.18.1",
"tree-kill": ">=1.2.2"
},
"repository": { "repository": {
"type": "git", "type": "git",
"url": "https://git.psu.edu/ais-swe/ux/utils" "url": "https://git.psu.edu/ais-swe/ux/utils"
......
...@@ -5695,10 +5695,10 @@ http-proxy-middleware@0.19.1: ...@@ -5695,10 +5695,10 @@ http-proxy-middleware@0.19.1:
lodash "^4.17.11" lodash "^4.17.11"
micromatch "^3.1.10" micromatch "^3.1.10"
http-proxy@^1.17.0: http-proxy@>=1.18.1, http-proxy@^1.17.0:
version "1.18.0" version "1.18.1"
resolved "https://nexus.ci.psu.edu/repository/npm-all/http-proxy/-/http-proxy-1.18.0.tgz#dbe55f63e75a347db7f3d99974f2692a314a6a3a" resolved "https://nexus.ci.psu.edu/repository/npm-all/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
integrity sha512-84I2iJM/n1d4Hdgc6y2+qY5mDaz2PUVjlg9znE9byl+q0uC3DeByqBGReQu5tpLK0TAqTIXScRUV+dg7+bUPpQ== integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==
dependencies: dependencies:
eventemitter3 "^4.0.0" eventemitter3 "^4.0.0"
follow-redirects "^1.0.0" follow-redirects "^1.0.0"
...@@ -11264,10 +11264,10 @@ tr46@^1.0.1: ...@@ -11264,10 +11264,10 @@ tr46@^1.0.1:
dependencies: dependencies:
punycode "^2.1.0" punycode "^2.1.0"
tree-kill@1.2.1: tree-kill@1.2.1, tree-kill@>=1.2.2:
version "1.2.1" version "1.2.2"
resolved "https://nexus.ci.psu.edu/repository/npm-all/tree-kill/-/tree-kill-1.2.1.tgz#5398f374e2f292b9dcc7b2e71e30a5c3bb6c743a" resolved "https://nexus.ci.psu.edu/repository/npm-all/tree-kill/-/tree-kill-1.2.2.tgz#4ca09a9092c88b73a7cdc5e8a01b507b0790a0cc"
integrity sha512-4hjqbObwlh2dLyW4tcz0Ymw0ggoaVDMveUB9w8kFSQScdRLo0gxO9J7WFcUBo+W3C1TLdFIEwNOWebgZZ0RH9Q== integrity sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==
trim-newlines@^1.0.0: trim-newlines@^1.0.0:
version "1.0.0" version "1.0.0"
......
  • SonarQube analysis indicates that quality gate is failed.

    • Bugs is failed: Actual value 1 > 0
    • high_severity_vulns is passed: Actual value 0
    • medium_severity_vulns is passed: Actual value 0

    SonarQube analysis reported 13 issues

    • 1 major
    • 🔽 7 minor
    • 5 info

    Top 10 extra issues

    Note: The following issues were found on lines that were not modified in the commit. Because these issues can't be reported as line comments, they are summarized here:

    1. Unexpected empty source 📘
    2. 🔽 Add an "alt" attribute to this image. 📘
    3. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    4. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    5. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    6. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    7. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    8. 🔽 This assertion is unnecessary since it does not change the type of the expression. 📘
    9. Make sure that cookie is written safely here. 📘
    10. Make sure that using a regular expression is safe here. 📘
    • ... 3 more
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment