Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix hoek dependency version vulnerability #18

Merged
merged 2 commits into from
May 18, 2018
Merged

Fix hoek dependency version vulnerability #18

merged 2 commits into from
May 18, 2018

Conversation

EricHanLiu
Copy link
Contributor

@EricHanLiu EricHanLiu commented May 18, 2018
edited

See previous pull request for info on this vulnerability issue.

Commands used:

npm i request
npm uninstall request
npm update
npm install

This newest fix updates request which gets rid of the hoek 2.16.3 dependency which threw the potential security vulnerability alert.

@EricHanLiu EricHanLiu self-assigned this May 18, 2018
@EricHanLiu
Copy link
Contributor Author

If the alert persists after merging, it's a GitHub bug. The vulnerability was patched (a hoek dev updated near the bottom) via backport.

@EricHanLiu EricHanLiu mentioned this pull request May 18, 2018
Closed
@EricHanLiu EricHanLiu changed the title Fix hoek vulnerability Fix hoek dependency version vulnerability May 18, 2018
@napulen napulen merged commit bce5ee9 into master May 18, 2018
@EricHanLiu
Copy link
Contributor Author

Thanks @napulen !

@EricHanLiu EricHanLiu deleted the fix_hoek_vulnerability branch May 18, 2018 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vigliensoni vigliensoni Awaiting requested review from vigliensoni

Assignees

@EricHanLiu EricHanLiu

Labels
bug Project: PIXEL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@EricHanLiu @napulen