Skip to content

Security warnings in static-module and minimist #4796

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nicolaskruchten opened this issue Apr 30, 2020 · 3 comments · Fixed by #4930
Closed

Security warnings in static-module and minimist #4796

nicolaskruchten opened this issue Apr 30, 2020 · 3 comments · Fixed by #4930
Assignees
@archmoj
Milestone
v1.54.3

Comments

@nicolaskruchten
Copy link
Contributor

nicolaskruchten commented Apr 30, 2020
edited
Loading

We need to resolve plotly/plotly.py#2385 and https://github.com/plotly/jupyterlab-chart-editor/issues/47 by avoiding https://www.npmjs.com/advisories/758 and https://www.npmjs.com/advisories/1179
@nicolaskruchten nicolaskruchten added this to the v1.54.1 milestone Apr 30, 2020
This was referenced May 1, 2020
Merged
Merged
Merged
@nicolaskruchten nicolaskruchten modified the milestones: v1.54.1, v1.54.2, v1.54.3 May 4, 2020
@nicolaskruchten nicolaskruchten mentioned this issue May 12, 2020
Closed
This was referenced Jun 11, 2020
Open
Closed
@nicolaskruchten
Copy link
Contributor Author

Current strategy detailed in scijs/cwise#25 (comment)

@nicolaskruchten
Copy link
Contributor Author

@archmoj what's our strategy for https://www.npmjs.com/advisories/1179 ?

@nicolaskruchten nicolaskruchten changed the title Security warnings in downstream packages Security warnings in static-module and minimist Jun 11, 2020
@archmoj
Copy link
Contributor

archmoj commented Jun 11, 2020

@archmoj what's our strategy for https://www.npmjs.com/advisories/1179 ?

@nicolaskruchten Thanks for the question. That would be fixed as part of cwise patch.

This was referenced Jun 18, 2020
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@archmoj archmoj

Labels
None yet
Projects
None yet
Milestone
v1.54.3
Development

Successfully merging a pull request may close this issue.

drop cwise and inline ndarray-homography plotly/plotly.js
2 participants
@nicolaskruchten @archmoj