You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@griffin.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/06/15 07:52:00 UTC

[jira] [Commented] (GRIFFIN-168) moderate severity security vulnerability detected in hoek < 4.2.1

    [ https://issues.apache.org/jira/browse/GRIFFIN-168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16513498#comment-16513498 ] 

ASF GitHub Bot commented on GRIFFIN-168:
----------------------------------------

GitHub user alexatapache opened a pull request:

    https://github.com/apache/incubator-griffin/pull/307

    remove package-lock.json and ignore it

    To fix the problem mentioned in GRIFFIN-168

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/alexatapache/incubator-griffin master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-griffin/pull/307.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #307
    
----
commit ecf53d068819bbb12ea4088e984a7586b24700dc
Author: Alex Lv <al...@...>
Date:   2018-06-15T07:24:52Z

    remove package-lock.json and ignore it

----


> moderate severity security vulnerability detected in hoek < 4.2.1 
> ------------------------------------------------------------------
>
>                 Key: GRIFFIN-168
>                 URL: https://issues.apache.org/jira/browse/GRIFFIN-168
>             Project: Griffin (Incubating)
>          Issue Type: Bug
>            Reporter: Alex Lv
>            Assignee: Alex Lv
>            Priority: Major
>
> We found a potential security vulnerabilty in one of your dependencies
> |[{color:#0366d6}!https://assets-cdn.github.com/images/modules/logos_page/GitHub-Logo.png|width=76,height=21!{color}|https://github.com/]|[{color:#24292e}Sign in{color}|https://github.com/login]|
> *asfsecurity,*
>  
> We found a potential security vulnerability in a repository for which you have been granted security alert access.
> |!https://avatars3.githubusercontent.com/u/47359?s=56&v=4|width=28,height=28!|[{color:#0366d6}*apache/incubator-griffin*{color}|https://github.com/apache/incubator-griffin]|
> |
> |Known *moderate severity* security vulnerability detected in *hoek < 4.2.1* defined in[*package-lock.json*|https://github.com/apache/incubator-griffin/blob/master/ui/angular/package-lock.json].|
> |[*package-lock.json*|https://github.com/apache/incubator-griffin/blob/master/ui/angular/package-lock.json] update suggested: *hoek ~> 4.2.1*.|
> |{color:#6a737d}_Always verify the validity and compatibility of suggestions with your codebase._{color}|
> |



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)