Update vulnerable dependencies from `npm audit` report #138

helen-m-lin · 2024-02-15T00:48:26Z

Describe the bug

There are currently 19 vulnerabilities (1 critical, 8 high, 10 moderate) shown from running npm audit
There is overlap with GitHub Dependabot alerts, tracked in Resolve GitHub Dependabot vulnerability alerts #137.
5 of 19 vulnerabilities can be fixed using npm audit fix, the remainder require investigation.

To Reproduce
Steps to reproduce the behavior:

Clone the repo and check out dev branch
Run npm audit
Review security vulnerabilities

Expected behavior
All vulnerabilities should be resolved.

The text was updated successfully, but these errors were encountered:

helen-m-lin · 2024-04-17T02:28:34Z

As of Apr 16, there were 9 vulnerabilities from npm audit --production and 21 from general report.

These are addressed in PR #168. All from prod report are addressed. Remaining issues for devDependencies can be ignored (
see previous PR #33 and facebook/create-react-app#11174)

jtyoung84 assigned helen-m-lin Feb 26, 2024

helen-m-lin mentioned this issue Apr 17, 2024

fix: update dependencies #168

Merged

helen-m-lin mentioned this issue Apr 17, 2024

Resolve GitHub Dependabot vulnerability alerts #137

Closed

jtyoung84 closed this as completed in #168 Apr 17, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update vulnerable dependencies from `npm audit` report #138

Update vulnerable dependencies from `npm audit` report #138

helen-m-lin commented Feb 15, 2024 •

edited

helen-m-lin commented Apr 17, 2024

Update vulnerable dependencies from npm audit report #138

Update vulnerable dependencies from npm audit report #138

Comments

helen-m-lin commented Feb 15, 2024 • edited

helen-m-lin commented Apr 17, 2024

Update vulnerable dependencies from `npm audit` report #138

Update vulnerable dependencies from `npm audit` report #138

helen-m-lin commented Feb 15, 2024 •

edited