Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

5 moderate severity vulnerabilities #456

Closed
h-enk opened this issue Jun 21, 2021 · 1 comment
Closed

5 moderate severity vulnerabilities #456

h-enk opened this issue Jun 21, 2021 · 1 comment
Labels
type: bug code to address defects in shipped code type: security code to address security issues

Comments

@h-enk
Copy link

h-enk commented Jun 21, 2021

  1. mkdir netlify-lambda && cd netlify-lambda
  2. npm init -y
  3. npm install netlify-lambda -D
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.

added 626 packages, and audited 627 packages in 19s

29 packages are looking for funding
  run `npm fund` for details

5 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
# npm audit report

glob-parent  <5.1.2
Severity: moderate
Regular expression denial of service - https://npmjs.com/advisories/1751
fix available via `npm audit fix`
node_modules/watchpack-chokidar2/node_modules/glob-parent
  chokidar  1.0.0-rc1 - 2.1.8
  Depends on vulnerable versions of glob-parent
  node_modules/watchpack-chokidar2/node_modules/chokidar
    watchpack-chokidar2  *
    Depends on vulnerable versions of chokidar
    node_modules/watchpack-chokidar2
      watchpack  1.7.2 - 1.7.5
      Depends on vulnerable versions of watchpack-chokidar2
      node_modules/watchpack
        webpack  4.44.0 - 4.46.0
        Depends on vulnerable versions of watchpack
        node_modules/webpack

5 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Update webpack/webpack?!
@h-enk h-enk added the type: bug code to address defects in shipped code label Jun 21, 2021
@h-enk h-enk mentioned this issue Jun 21, 2021
Closed
@erezrokah erezrokah added the type: security code to address security issues label Jun 22, 2021
@erezrokah
Copy link
Contributor

Thanks @h-enk, closing this in favor of #423

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: bug code to address defects in shipped code type: security code to address security issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@h-enk @erezrokah