[jira] [Created] (DATALAB-2747) [Back-end][Part2] Large number of insecure dependencies

Ruslan Kulynych (Jira) Tue, 22 Mar 2022 01:55:07 -0700

Ruslan Kulynych created DATALAB-2747:
----------------------------------------


             Summary: [Back-end][Part2] Large number of insecure dependencies
                 Key: DATALAB-2747
                 URL: https://issues.apache.org/jira/browse/DATALAB-2747
             Project: Apache DataLab
          Issue Type: Bug
      Security Level: Public (Regular Issues)
          Components: DataLab Main
            Reporter: Ruslan Kulynych
            Assignee: Denys Yankiv


Hi,
I ran a dependabot scan on datalab in github and found 51 issues with insecure 
libs.

Already open:
* https://github.com/apache/incubator-datalab/issues/1037
* https://github.com/apache/incubator-datalab/issues/1038
* https://github.com/apache/incubator-datalab/issues/1039

The UI has lots of issues - maybe someone could try 'npm audit fix' as a start 
to fixing issues there.

Some other backend issues:
* https://github.com/advisories/GHSA-7r82-7xv7-xcpj (httpclient)
* https://github.com/advisories/GHSA-gwrp-pvrq-jmwv (commons-io)






--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (DATALAB-2747) [Back-end][Part2] Large number of insecure dependencies

Reply via email to