[
https://issues.apache.org/jira/browse/DATALAB-2738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vira Vitanska reassigned DATALAB-2738:
--------------------------------------
Component/s: DataLab Main
Epic Link: DATALAB-509
Sprint: Apache DataLab release 2.5.2
Assignee: Denys Yankiv
Labels: Back-end (was: )
Summary: [Back-end] Large number of insecure dependencies (was: large
number of insecure dependencies)
> [Back-end] Large number of insecure dependencies
> ------------------------------------------------
>
> Key: DATALAB-2738
> URL: https://issues.apache.org/jira/browse/DATALAB-2738
> Project: Apache DataLab
> Issue Type: Bug
> Security Level: Public(Regular Issues)
> Components: DataLab Main
> Reporter: PJ Fanning
> Assignee: Denys Yankiv
> Priority: Major
> Labels: Back-end
>
> Hi,
> I ran a dependabot scan on datalab in github and found 51 issues with
> insecure libs.
> Already open:
> * https://github.com/apache/incubator-datalab/issues/1037
> * https://github.com/apache/incubator-datalab/issues/1038
> * https://github.com/apache/incubator-datalab/issues/1039
> The UI has lots of issues - maybe someone could try 'npm audit fix' as a
> start to fixing issues there.
> Some other backend issues:
> * https://github.com/advisories/GHSA-7r82-7xv7-xcpj (httpclient)
> * https://github.com/advisories/GHSA-gwrp-pvrq-jmwv (commons-io)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
