Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update yarn to `> 1.1.0' to remove security warning #18

Closed
c4lliope opened this issue Sep 18, 2018 · 3 comments
Closed

Update yarn to `> 1.1.0' to remove security warning #18

c4lliope opened this issue Sep 18, 2018 · 3 comments
Milestone
Feb, Week 2

Comments

@c4lliope
Copy link
Contributor

As mentioned in #17, docker build -t client . gives us a warning about a deprecated Buffer constructor that contained security flaws.

The warning message was addressed by the yarn community here, and to fix in our own app we need to upgrade our yarn version.

Any version above 1.1.0 should be okay.
@jacobq
Copy link

jacobq commented Sep 30, 2018

(v1.10.0)

@c4lliope
Copy link
Contributor Author

c4lliope commented Oct 3, 2018

ah, thanks for catching that!

@c4lliope c4lliope self-assigned this Feb 8, 2019
@c4lliope c4lliope modified the milestones: Feb, Week 2, Feb, Week 1 Feb 8, 2019
@c4lliope c4lliope removed their assignment Feb 14, 2019
@c4lliope
Copy link
Contributor Author

This is outdated;

> docker-compose exec client yarn -v
1.13.0

We haven't seen a security warning in a while.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Feb, Week 2
Development

No branches or pull requests
2 participants
@jacobq @c4lliope