-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix security vulnerability in package-lock.json #28
Comments
We upgraded one of the affected packages: jquery. For the other one we need to upgrade to Angular 6, which was scheduled to be done for Release 4. |
Current status The affected libraries were fixed and their dependants were updates accordingly up to "request v2.83". The problem is that there are still 2 packages in our dependency tree using versions of "request" prior to 2.83:
The bright side Next Steps
Since this is out of our control we suggest to keep this issue open until the dependencies are updated. |
Update: |
The security warning has been reported by github: https://github.com/IntegratedAlarmSystem-Group/ias-display/network/dependencies
The text was updated successfully, but these errors were encountered: