fryjordan opened a new pull request, #1433: URL: https://github.com/apache/couchdb-fauxton/pull/1433
## Overview Vulnerabilities were found in Fauxton dependencies. The changes in this PR resolve them. ``` # npm audit report express <4.19.2 Severity: moderate Express.js Open Redirect in malformed URLs - https://github.com/advisories/GHSA-rv95-896h-c2vc fix available via `npm audit fix` node_modules/express follow-redirects <=1.15.5 Severity: moderate follow-redirects' Proxy-Authorization header kept across hosts - https://github.com/advisories/GHSA-cxjh-pqwp-8mfp fix available via `npm audit fix` node_modules/follow-redirects lodash.pick >=4.0.0 Severity: high Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw fix available via `npm audit fix` node_modules/lodash.pick nightwatch 2.6.0 - 3.3.8 Depends on vulnerable versions of lodash.pick node_modules/nightwatch 4 vulnerabilities (2 moderate, 2 high) ``` ## Testing recommendations - Ensure CI passes. ## Checklist - [x] Code is written and works correctly; - [x] Changes are covered by tests; - [ ] Documentation reflects the changes; - [ ] Update [rebar.config.script](https://github.com/apache/couchdb/blob/main/rebar.config.script) with the correct tag once a new Fauxton release is made -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
