[jira] [Created] (DATALAB-2744) [Front-end] Large number of insecure dependencies

Vira Vitanska (Jira) Thu, 17 Mar 2022 04:13:04 -0700

Vira Vitanska created DATALAB-2744:
--------------------------------------

             Summary: [Front-end] Large number of insecure dependencies
                 Key: DATALAB-2744
                 URL: https://issues.apache.org/jira/browse/DATALAB-2744
             Project: Apache DataLab
          Issue Type: Bug
      Security Level: Public (Regular Issues)
          Components: DataLab Main
            Reporter: PJ Fanning
            Assignee: Denys Yankiv



Hi,
I ran a dependabot scan on datalab in github and found 51 issues with insecure 
libs.

Already open:
* https://github.com/apache/incubator-datalab/issues/1037
* https://github.com/apache/incubator-datalab/issues/1038
* https://github.com/apache/incubator-datalab/issues/1039

The UI has lots of issues - maybe someone could try 'npm audit fix' as a start 
to fixing issues there.

Some other backend issues:
* https://github.com/advisories/GHSA-7r82-7xv7-xcpj (httpclient)
* https://github.com/advisories/GHSA-gwrp-pvrq-jmwv (commons-io)






--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (DATALAB-2744) [Front-end] Large number of insecure dependencies

Reply via email to