Bug #102208
closed
Vulnerable npm dev dependencies
100%
Description
npm reports some dev dependencies as vulnerable once again:
# npm audit report debug 3.2.0 - 3.2.6 Severity: moderate Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c fix available via `npm audit fix` node_modules/tiny-lr/node_modules/debug postcss <8.4.31 Severity: moderate PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j fix available via `npm audit fix --force` Will install postcss-clean@1.2.0, which is a breaking change node_modules/postcss postcss-clean <=1.1.0 || >=1.2.1 Depends on vulnerable versions of postcss node_modules/postcss-clean 3 moderate severity vulnerabilities
Updated by Gerrit Code Review about 1 year ago
- Status changed from In Progress to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81479
Updated by Gerrit Code Review about 1 year ago
Patch set 1 for branch 12.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81480
Updated by Gerrit Code Review about 1 year ago
Patch set 2 for branch 12.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81480
Updated by Gerrit Code Review about 1 year ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81479
Updated by Andreas Fernandez about 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset b7d58e80bb5031bdfb84373b768861b485723b18.
Updated by