[jira] [Commented] (FLAGON-430) update rollup-plugin-license

Joshua Poore (JIRA) Mon, 05 Aug 2019 18:59:08 -0700


    [ 
https://issues.apache.org/jira/browse/FLAGON-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16900536#comment-16900536
 ]


Joshua Poore commented on FLAGON-430:
-------------------------------------

updated to 0.10.0 in package.json

> update rollup-plugin-license
> ----------------------------
>
>                 Key: FLAGON-430
>                 URL: https://issues.apache.org/jira/browse/FLAGON-430
>             Project: Flagon
>          Issue Type: Task
>          Components: UserALE.js
>    Affects Versions: UserALE.js 2.0.2
>         Environment: node.js
>            Reporter: Joshua Poore
>            Assignee: Joshua Poore
>            Priority: Major
>             Fix For: UserALE.js 2.0.2
>
>         Attachments: Screen Shot 2019-07-25 at 8.55.42 PM.png
>
>
> We have one remaining Prototype Pollution vulnerability in dev dependencies 
> for builds. rollup-plugin-license needs to update to latest lodash patch 
> version. I have opened a ticket on their boards. 
> [https://github.com/mjeanroy/rollup-plugin-license/issues/422]. Will patch 
> when new patch version is available.
>  
> !Screen Shot 2019-07-25 at 8.55.42 PM.png!
>  



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Commented] (FLAGON-430) update rollup-plugin-license

Reply via email to