[CONJS-45] npm old package issues - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-alpha
Component/s: other
Labels:
None

Description

see https://github.com/MariaDB/mariadb-connector-nodejs/issues/8.
some user have received an email from GitHub :

Known critical severity security vulnerability detected in mariadb <= 1.0.2 defined in package-lock.json.

This is due to old package in npm that must normally not interfere : https://www.npmjs.com/package/mariadb

Version History
0.7.0 a month ago
0.0.2-security a year ago
1.0.2 a year ago
1.0.1 a year ago
0.0.1-security a year ago

Those 1.0.1 and 1.0.2 version have not to interfere but still are.
Mail has been sent to npm to see if those can be totally removed.

Attachments

Activity

People

Assignee:: Diego Dupin

Reporter:: Diego Dupin

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2018-08-21 09:56

Updated:: 2018-10-25 08:04

Resolved:: 2018-10-25 08:04

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.