Skip to content
This repository was archived by the owner on Mar 12, 2025. It is now read-only.

Security vulnerability in API wrapper #11

Closed
sharathkumaranbu opened this issue Dec 5, 2019 · 3 comments · Fixed by #13
Closed

Security vulnerability in API wrapper #11

sharathkumaranbu opened this issue Dec 5, 2019 · 3 comments · Fixed by #13
Assignees
@sharathkumaranbu

Comments

@sharathkumaranbu
Copy link
Collaborator

Please update the lodash version in Submission API wrapper to get rid of security vulnerabilities which is getting propagated to all client application which uses this wrapper.

image

cc @callmekatootie @cwdcwd
@callmekatootie
Copy link
Collaborator

The vulnerability is most likely coming from tc-core-library-js - appirio-tech/tc-core-library-js#23

@sharathkumaranbu
Copy link
Collaborator Author

sharathkumaranbu commented Dec 5, 2019
edited
Loading

Yes. I have mistakenly mentioned as issue from this repo itself. May be we need to update the version of tc-core-library-js if a new version is released.

@sharathkumaranbu
Copy link
Collaborator Author

We can use this tag https://github.com/appirio-tech/tc-core-library-js/tree/v2.6.4 now to resolve the vulnerability issue.

@sharathkumaranbu sharathkumaranbu mentioned this issue Dec 6, 2019
Merged
sharathkumaranbu pushed a commit that referenced this issue Dec 6, 2019
@dhruvit-r @sharathkumaranbu
For #11 and #12 (#13)
ca0a2ab 
Allow streams for downloading and updating tc core library version
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@sharathkumaranbu sharathkumaranbu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

For #11 and #12 dhruvit-r/topcoder-submission-api-wrapper
2 participants
@callmekatootie @sharathkumaranbu