mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-17 07:25:10 +00:00
8403da7386
npm audit reveals several high and one critical vulnerabilities in the dependencies: ansi-regex 4.0.0 - 4.1.0 Severity: high Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw fix available via `npm audit fix` node_modules/nyc/node_modules/ansi-regex minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install mocha@10.0.0, which is a breaking change node_modules/minimist node_modules/ts-node/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/mkdirp mocha 1.21.5 - 6.2.2 || 7.0.0-esm1 - 7.1.0 Depends on vulnerable versions of mkdirp node_modules/mocha protobufjs 6.11.0 - 6.11.2 Severity: high Prototype Pollution in protobufjs - https://github.com/advisories/GHSA-g954-5hwp-pp24 fix available via `npm audit fix` node_modules/protobufjs 5 vulnerabilities (2 moderate, 2 high, 1 critical) This change (from running npm audit fix --force) removes all of them: npm audit found 0 vulnerabilities Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com> |
||
|---|---|---|
| .. | ||
| docker | ||
| src | ||
| .dockerignore | ||
| .gitignore | ||
| Dockerfile | ||
| npm-shrinkwrap.json | ||
| package.json | ||
| tsconfig.json | ||
| tslint.json | ||