Project

General

Profile

Feature #10793

Updated by Marc Egger 3 months ago

NPM found a few vulnerabilities in our packages which can be solved by updating. 

 *BRANCH* : S10793updateNpmPackages 

 *STATUS* : Habe die updates ausgefuehrt in dem obigen branch und einige tests gemacht. siehe Kommentare fuer mehr Infos. Der branch ist nicht in sync mit Dev. See comments for current state of this ticket. 

 - make new branch from develop 
 - update the packages with the commands listed below 
 - run npm audit again, resolve manual review problems 
   - https://docs.npmjs.com/auditing-package-dependencies-for-security-vulnerabilities#security-vulnerabilities-found-requiring-manual-review 
 - Test tinyMCE 
 - (test TableSorter) not neccessary since not updated? 
 - run grunt, solve problems if there are any 

 Updates advised in report when running `npm audit` 

 <pre> 
 npm install mocha@8.3.2  
 npm install bootlint@1.1.0  
 npm install grunt-contrib-jasmine@2.2.0 
 npm install tinymce@5.7.1 
 npm update lodash --depth 4 
 npm update minimist --depth 5 
 npm update jshint --depth 2 
 npm update mkdirp --depth 3 
 npm update minimist --depth 5  
 </pre>

Back