Uploaded image for project: 'Appcelerator CLI'
  1. Appcelerator CLI
  2. CLI-1319

Reduce number of vulnerabilities found by npm audit

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: appcelerator 4.2.13-0
    • Fix Version/s: CLI Release 7.0.8
    • Component/s: Installer
    • Labels:
      None
    • Environment:

      Appc NPM: 4.2.13

    • Story Points:
      5
    • Sprint:
      2018 Sprint 14 Tooling

      Description

      Description

      Currently npm audit shows the following number of vulnerabilities, found 39 vulnerabilities (14 low, 15 moderate, 7 high, 3 critical) in 920 scanned packages. Note that some of these are only dev dependencies, but we should try and fix as many as possible. The npm audit output is pretty noisy so here's a reduced version of modules that will need updating, assume that the version bump is in range unless noted

      grunt-appc-js (semver major, will need linting fixes I imagine)
      pac-proxy-agent (semver major)
      tar (semver major)
      request
      mocha (semver major)
      grunt
      lodash
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                eharris Ewan Harris
                Reporter:
                eharris Ewan Harris
                Reviewer:
                Feon Sua Xin Miao
              • Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code