Security Fix #36

Merged
merged 1 commit into from
Oct 12, 2020

QilongTang

This PR should fix at least two dependencies from the known list

@mjkkirschner
Member

LGTM

@QilongTang
Author

Thanks @mjkkirschner, I tested locally and Dictionary works well after these changes. The other vulnerabilities may require us to make many more changes, which may break Dictionary. The strange thing is they also do not appear in the npm audit list. I guess there might be a gap between WhiteSource and npm audit. Also, one of the fixes here also needs to be applied to the librarie.js repo; I will make that PR soon.

@QilongTang
Author

Merging for now to refresh WS dashboard

@QilongTang QilongTang merged commit 02043df into master Oct 12, 2020
@QilongTang QilongTang deleted the SecurityFix branch October 12, 2020 17:04
QilongTang added a commit that referenced this pull request Oct 12, 2020
QilongTang added a commit that referenced this pull request Oct 12, 2020
alfredo-pozo added a commit to alfredo-pozo/DynamoDictionary that referenced this pull request Nov 21, 2020
QilongTang added a commit that referenced this pull request Feb 11, 2022
* Hide Submit PR button (#31)

* Python3 migration (#27)

* Images changed to reflect Python 3 interface

* Sample files Updated to Python 3

Python Script.dyn and  Python Script from String.dy updated to Python 3

* Addition of files to have CI/CD pipeline for prod environment (#35)

* Security fix first commit (#36)

* Update notification mail master (#40)

* Addition of files to have CI/CD pipeline for prod environment

* Update notification mail

* Update Dynamo_Nodes_Documentation.json (#43)

* Update pipeline.yml (#44)

* Change job to use node labels (#45)

* Update pipeline.yml

* Update Jenkinsfile

* Add generic documentation to add node's description for all hosts. (#48)

* Make readme/names generic for hosts

* Update README.md

* Address object-path vulnerability. (#47)

* Address object-path vulnerability.

* Delete .npmrc

* Update README.md

* lodash vuln (#50)

* add a dep on lodash to force the newer version for react-scripts and redux.

* use lodash instead of underscore
remove underscore from package json and lock

* add dep on ua-parser-js 0.7.23

* update axios

* remove direct dep on ua-parser-js

Co-authored-by: kirschm <[email protected]>

* React-scripts update and other fixes (#51)

* DYN-3658 Update react-scripts and more

* Chore/upgrade to react16 (#55)

* chore: upgrade to React@16

* chore: update package.json to React 16.14.0

* chore: move react-scripts to fix npm audit

facebook/create-react-app#11081
facebook/create-react-app#11174

* chore: remove deprecated react-tap-event-plugin

* upgrade material-ui

* add tooltip

* update more mat-ui components

* error check for add files

* Font Warning (#56)

* Use external repo name for harmony. (#57)

* update axios version (#60)

Co-authored-by: pinzart <[email protected]>

* Update axios (#61)

* update axios version

* Update package-lock.json

Co-authored-by: pinzart <[email protected]>

* Security vulnerabilities Fix Part I (#62)

* Initial commits

* Remove Console log

* Security Updates (#63)

* Security vulnerabilities Fix Part III (#64)

* Security Updates

* more updates

Co-authored-by: Ashish Aggarwal <[email protected]>
Co-authored-by: Martin Stacey <[email protected]>
Co-authored-by: alfredo-pozo <[email protected]>
Co-authored-by: aparajit-pratap <[email protected]>
Co-authored-by: pinzart90 <[email protected]>
Co-authored-by: geidlin <[email protected]>
Co-authored-by: gregmarr <[email protected]>
Co-authored-by: Michael Kirschner <[email protected]>
Co-authored-by: kirschm <[email protected]>
Co-authored-by: wmui51 <[email protected]>
Co-authored-by: pinzart <[email protected]>