Any volunteers for a general update of ALL the modules of taverna-databundle-viewer?I think this keeps happening because most of them are out of date.
If not I suggest we retire the whole repository to Taverna Extras on GitHub - it's not under active development (it was started as a GSOC project). On 29 March 2018 at 16:42, Stian Soiland-Reyes <[email protected]> wrote: > Thank you, we will review and fix. It seems this particular repository > frequently appears in these GitHub reports, probably because of its Ruby > nature. > > > On 21 March 2018 at 23:17, Apache Security Team <[email protected]> > wrote: > >> Hi Taverna PMC, >> >> FYI, the below was received by the security team. >> >> Regards, >> Yann. >> >> ---------- Forwarded message ---------- >> From: GitHub <[email protected]> >> Date: Wed, Mar 21, 2018 at 2:11 PM >> Subject: [apache/incubator-taverna-databundle-viewer] One of your >> dependencies may have a security vulnerability >> To: apache/incubator-taverna-databundle-viewer < >> [email protected]> >> Cc: Security alert <[email protected]> >> >> >> We found a potential security vulnerabilty in one of your dependencies >> [image: GitHub] >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlaoUQ7ZnNSfaod-2BRPoWgKQ-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBG-2FogRcdXqHMmGs68zBIZMMO80oDMbBiqEP0Ab8X1nxh-2FXhlKG7ijNb-2BMO8wQH5YF1mRIPj8eKQtEvxe3XFVAlfN3NFabQMRC-2FPeaid4hr4N48qsxmHrO0rVJ34pDXG8v5m-2FDsnVxSmGzL1FrLthLinoIthM4Un3Vvs3BMdj0JdTvDDm4u0AIVjjz-2FSR-2FfD7TH> >> Sign >> in >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGZmFFxj-2Bf4gbaIT1GIqs7Fg771ZKLem0ZrDprrfxKVDkktOfL-2BNpzRagDhgmwaW6GkxAhP-2Bk8m1lYKzcHK8V6bm2DASsdt045aa2eG-2Fjg1U8FZnhR-2BvtV3SArJLR1wptmU-2BVjUGWmJGxgDV0yLSxC2TbIuxNxvI4Rw1uqVO-2BC97rVnZSCUAl1ep34CL8cPfu-2F> >> *asfsecurity,* >> >> We found a potential security vulnerability in a repository for which you >> have been granted security alert access. >> [image: @apache] apache/incubator-taverna-databundle-viewer >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp21Jan87GsqhhM-2FOFgNpWRJuG8ww2z3Vue8xyibYb1owNq-2F8Jp6h-2BFjZmNQLVZvP6zo-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGST57nWHnyvKGOyg6DFXTGf24cInRL9WfPkgBHF0ZCBtMD6zL3dcSg2JE8qvf6PmpHLM24TE2p-2BwawgfMW1riMVJEWyIr53IIzOeqjpmddF1yDHCf1o5vYynkeHrRgLllnjWpx5MB0OQHfa-2BbwQeeSaeAHaISy8iKfni7vSkS7-2BDBJ1zyO9tt6Lb4OuBxZ1RC> >> Known * moderate severity* security vulnerability detected in loofah < >> 2.2.1 defined in Gemfile.lock >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp21Jan87GsqhhM-2FOFgNpWRJuG8ww2z3Vue8xyibYb1owNrb8-2BdxHZQhvzgWaNPIBhfjhjoIGgRotZ84GspJMsazq_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGhgVMQxIx7N2bbf-2FekMTQkLc861dlkMwP7fNU4KAk6AobVZNFlf5uHDBGRMkr3BIaTr81llU-2FDZlUi1JDzp4FRcfgVaqX4epGT6YBeee1tEfAOrJMzom9vTVqy-2BWD6P02JO9gp3Zuy0bBEnMmThhM0KHs1a83mlARRMKHJ0fklfY2xIl-2BOCFG3FxoLC9WV1U-2B>. >> >> Gemfile.lock >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp21Jan87GsqhhM-2FOFgNpWRJuG8ww2z3Vue8xyibYb1owNrb8-2BdxHZQhvzgWaNPIBhfjhjoIGgRotZ84GspJMsazq_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGPQjtKyo5RXFuRU1aa7KskadAl5FzksAMxBAXZnOQIaW5p1F6RLOaBQmQgddX9-2FV6VPstGBySwyXmQuEjA8iayk5-2FdKdgVDod3qD4yIyoTF99gLw2iE72yPwJhr1tetgsFmpqO-2BwlJpreU4zJd1wv2mjaQRn3FJVdyHM1KqLIxsAsxm42Rqs-2FagMaXrH2CP0l> >> update suggested: loofah ~> 2.2.1. >> Always verify the validity and compatibility of suggestions with your >> codebase. >> Review vulnerable dependency >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp21Jan87GsqhhM-2FOFgNpWRJuG8ww2z3Vue8xyibYb1owNqm9ogBOKll7uO11u5z-2FMokvZw42FrQExyhZrPvJ1sXe_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGq975ACwIadu5OTVLfUu376Xx0UbBtoM8NxjkziY3CERlVBojpW2ChxVOAHAA2Tg20iESm5cHXzw1jKzlBcScnkYWag2AqEYAVlrIOhZTp9hUTrUQulKyT-2FX3INc3z9Ks4vY0xaeEKwVjS4JguoVFhOoaed8ZwrG4xtjOaTRk-2BteRGK3AHKx7NELjZko1abNw> >> ------------------------------ >> >> Only users who have been assigned access to security alerts will receive >> these notifications. >> Unsubscribe >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBh4tM-2BvbnAt1ZCBIm0TQChRsti2oUDbPtOO7snnCj3QEoYlAAeBV6ZUw9-2BzP3Afg0eqCyRJoBdypkXRH-2B1O5DQbzG-2BcNCRIfytLphSQs-2FWbzzcWl9NLMLJK1561Xp284pDihyuwTlGx00187oDz3wq4-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGFbIfsMvy7fiByN5HoX0Yl0RMOu3BlDvZa0CG4jkbDe-2F2bjS7kdZcsCumisLY0rs0jNg5jUzfSfrWRY9jBVc4EVXlLgCEPNKQkuhJpmyUPP3Y-2FOWJfBaZC287nS8PZrOu9tOumpsuPh6BSeZ5qWTW8vugNluVGY9rgxT6R3y4zILAX6J94JWZ3LRPWX4zw7hw> >> · Email preferences >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlttXBNYv-2BeGM-2FMVHbSBvTrPDvaZJ5yvsxfEVwy5gWOO_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBG-2B3WUIJ3vfeAK7AyPng1GrMVDglZr92hbViV4FHnrytYAq-2FOSjjsA5w509-2BjlyPfOrga1cLxhM89BgelfJxE2ig0T9NUyv1Ubdugb5KvdlLkEgtazVfFSWEzejyCBSqipMnjvaJXMx367NnzUTgWgg9jMN9NNmg50CkERKX5YnESQtstikurWLqK2fjhWa4CK> >> · Terms >> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkI7aIK5sDG6eHhf6PFf2GZEMdAPO1mXdWyaS9GI2aLnBA-3D-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBG1z7OLdwZ-2B-2BGTZzgKyldnINMpl-2BzrN3CD1HL2B2yiDa43OAcVHK0yrmkGk32ckHVXXtu9Yy5xu5tlEB4YuVVyF0rvs-2B8cW3EMJz75rzpLDDvIXwHEWfmkVLQ935uPaV81YHG6Tj1TcWjKx9ecRMUFfIFsBvcDaxgsF-2FgPFq7phTPn946y38Zr1gmGFrrDeX-2FM> >> · Privacy >> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkKdSMxJcKXeaeoPn0qQqs-2Fw-2BqmMjx3QOoJQotJaBhy-2FxQ-3D-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGkZUALIa77RmAIdMlmSrci4curdu2STxoAc0FMx049gYoB4BTjyMlnKPV3kiBEkV-2BteptXaIIAePI3D-2Fb2VQ-2FZHRp9MQfCbNXDxkDoAPreswHTpx0-2BvmNAoBc0fNkF2b36gUK2lZs-2FhbbiXu6j-2FfEMX3oyWC3-2FkQ4sGsZmDQN48EQ4hrx2WKs8zTfo61WF4oT> >> · Sign into GitHub >> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_2A879vbSRvDFZPJYNFS2kpiO5-2Bet4KN8nFYuMlbXqQbkOWLwcH7-2BT-2Fm5nDyaV-2BBGZmFFxj-2Bf4gbaIT1GIqs7FvwejceMYASlPJzHy81Bn2dxLV5uttgx18ifPHr8drbnoywjF-2F1oxCXOcm3X-2BszaZZTMDGwVzDtEB0wXOQw4jyEU7igY2BANIeeGG87OQTTz2nFulBNIGi8FxpYGRuqEpNw3-2BDwRKdhwxwHPibLCi3PsEL58Z7i7cMtcwvRI3tf7SZ-2F7qFrtVLdX3TjD-2FGI1Lg-3D-3D> >> >> GitHub, Inc. >> 88 Colin P Kelly Jr St. >> San Francisco, CA 94107 >> <https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D%0A+++++++++++++++++++++++++++++San+Francisco,+CA+94107&entry=gmail&source=g> >> >> > > > -- > Stian Soiland-Reyes > http://orcid.org/0000-0001-9842-9718 > -- Stian Soiland-Reyes http://orcid.org/0000-0001-9842-9718
