[jira] [Commented] (GRIFFIN-168) moderate severity security vulnerability detected in hoek < 4.2.1

Fri, 15 Jun 2018 00:52:34 -0700 


    [ 
https://issues.apache.org/jira/browse/GRIFFIN-168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16513498#comment-16513498
 ] 

ASF GitHub Bot commented on GRIFFIN-168:
----------------------------------------

GitHub user alexatapache opened a pull request:

    https://github.com/apache/incubator-griffin/pull/307

    remove package-lock.json and ignore it

    To fix the problem mentioned in GRIFFIN-168

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/alexatapache/incubator-griffin master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-griffin/pull/307.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #307
    
----
commit ecf53d068819bbb12ea4088e984a7586b24700dc
Author: Alex Lv <alexlv@...>
Date:   2018-06-15T07:24:52Z

    remove package-lock.json and ignore it

----


> moderate severity security vulnerability detected in hoek < 4.2.1 
> ------------------------------------------------------------------
>
>                 Key: GRIFFIN-168
>                 URL: https://issues.apache.org/jira/browse/GRIFFIN-168
>             Project: Griffin (Incubating)
>          Issue Type: Bug
>            Reporter: Alex Lv
>            Assignee: Alex Lv
>            Priority: Major
>
> We found a potential security vulnerabilty in one of your dependencies
> |[{color:#0366d6}!https://assets-cdn.github.com/images/modules/logos_page/GitHub-Logo.png|width=76,height=21!{color}|https://github.com/]|[{color:#24292e}Sign
>  in{color}|https://github.com/login]|
> *asfsecurity,*
>  
> We found a potential security vulnerability in a repository for which you 
> have been granted security alert access.
> |!https://avatars3.githubusercontent.com/u/47359?s=56&v=4|width=28,height=28!|[{color:#0366d6}*apache/incubator-griffin*{color}|https://github.com/apache/incubator-griffin]|
> |
> |Known *moderate severity* security vulnerability detected in *hoek < 4.2.1* 
> defined 
> in[*package-lock.json*|https://github.com/apache/incubator-griffin/blob/master/ui/angular/package-lock.json].|
> |[*package-lock.json*|https://github.com/apache/incubator-griffin/blob/master/ui/angular/package-lock.json]
>  update suggested: *hoek ~> 4.2.1*.|
> |{color:#6a737d}_Always verify the validity and compatibility of suggestions 
> with your codebase._{color}|
> |



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to