Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix 'low severity' security warnings #691

Closed
frankieroberto opened this issue Feb 20, 2019 · 3 comments · Fixed by #692
Closed

Fix 'low severity' security warnings #691

frankieroberto opened this issue Feb 20, 2019 · 3 comments · Fixed by #692
Assignees
@NickColley
Labels
🕔 Hours A well understood issue which we expect to take less than a day to resolve. Submitted by user issues on behalf of users

Comments

@frankieroberto
Copy link
Contributor

I just installed the kit and got this warning:

added 1297 packages from 714 contributors and audited 38980 packages in 31.729s
found 63 low severity vulnerabilities
run npm audit fix to fix them, or npm audit for details
@joelanman joelanman added Submitted by user issues on behalf of users new labels Feb 20, 2019
@kr8n3r
Copy link

kr8n3r commented Feb 20, 2019
edited
Loading

1 package update for 62 vulns involved breaking changes
happy fixing :)
luckily that is jest and should be fine

@frankieroberto frankieroberto mentioned this issue Feb 20, 2019
Merged
@timpaul timpaul added 🕔 Hours A well understood issue which we expect to take less than a day to resolve. Priority: High and removed new labels Feb 20, 2019
@NickColley
Copy link
Contributor

Some useful tips that might help us in the long term here: https://snyk.io/blog/ten-npm-security-best-practices/

@NickColley NickColley self-assigned this Mar 4, 2019
@NickColley
Copy link
Contributor

NickColley commented Mar 4, 2019
edited
Loading

I've done a quick spike into how we can do this better in the future: #699

I think your short term fix is good to get in, thanks Frankie.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NickColley NickColley

Labels
🕔 Hours A well understood issue which we expect to take less than a day to resolve. Submitted by user issues on behalf of users
Projects
GOV.UK Design System cycle board
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade jest to ^24.0.01 frankieroberto/govuk-prototype-kit
6 participants
@frankieroberto @joelanman @timpaul @NickColley @kr8n3r and others