[
https://issues.apache.org/jira/browse/AIRFLOW-6632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17026190#comment-17026190
]
ASF GitHub Bot commented on AIRFLOW-6632:
-----------------------------------------
ashb commented on pull request #7280: [AIRFLOW-6632] Bump dagre-d3 to resolve
lodash CVE advisory
URL: https://github.com/apache/airflow/pull/7280
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Resolve lodash advisory
> -----------------------
>
> Key: AIRFLOW-6632
> URL: https://issues.apache.org/jira/browse/AIRFLOW-6632
> Project: Apache Airflow
> Issue Type: Improvement
> Components: webserver
> Affects Versions: 1.10.7
> Reporter: Ry Walker
> Assignee: Ry Walker
> Priority: Major
> Fix For: 1.10.8
>
>
> https://npmjs.com/advisories/577
> Security scan turned up lodash 4.17.5 as a vulnerability per this NPM
> advisory - I've got PR to resolve.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
