Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

npm audit found vulnerabilities #60

Closed
github-actions bot opened this issue Dec 7, 2022 · 5 comments · Fixed by #61
Closed

npm audit found vulnerabilities #60

github-actions bot opened this issue Dec 7, 2022 · 5 comments · Fixed by #61
Assignees
@boly38
Labels
cybersecurity
Milestone
v2.1.2

Comments

@github-actions
Copy link
Contributor

github-actions bot commented Dec 7, 2022 

# npm audit report

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

1 high severity vulnerability

To address all issues, run:
  npm audit fix
@boly38
Copy link
Owner

boly38 commented Dec 7, 2022
edited
Loading 

[email protected] (...)\node-mongotools
└─┬ [email protected]
  └─┬ [email protected]
    └── [email protected]

[email protected] (...)\node-mongotools
└─┬ [email protected]
  └─┬ [email protected]
    └── [email protected]

request improvement issue already exists : adasq/dropbox-v2-api#1104

@boly38 boly38 self-assigned this Dec 7, 2022
@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 8, 2022 

# npm audit report

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

1 high severity vulnerability

To address all issues, run:
  npm audit fix

2 similar comments
@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 9, 2022 

# npm audit report

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

1 high severity vulnerability

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author 

# npm audit report

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

1 high severity vulnerability

To address all issues, run:
  npm audit fix

@boly38 boly38 added this to the v2.1.2 milestone Dec 10, 2022
boly38 added a commit that referenced this issue Dec 10, 2022
@boly38
fix #60 qs version resolution to 6.5.3
996bd87
boly38 added a commit that referenced this issue Dec 10, 2022
@boly38
fix #60 qs version resolution to 6.5.3
c13778f
boly38 added a commit that referenced this issue Dec 10, 2022
@boly38
fix #60 qs vulnerable version via dropbox-v2-api 2.5.9
b193c39
@github-actions
Copy link
Contributor Author 

# npm audit report

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

1 high severity vulnerability

To address all issues, run:
  npm audit fix

boly38 added a commit that referenced this issue Dec 10, 2022
@boly38
fix #60 qs vulnerable version via dropbox-v2-api 2.5.9
9ec71f4 
improve install github actions step
boly38 added a commit that referenced this issue Dec 10, 2022
@boly38
fix #60 qs vulnerable version via dropbox-v2-api 2.5.9
c87f793 
improve install github actions step
@boly38 boly38 mentioned this issue Dec 10, 2022
Merged
@boly38 boly38 closed this as completed in 88db7b3 Dec 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@boly38 boly38

Labels
cybersecurity
Projects
None yet
Milestone
v2.1.2
Development

Successfully merging a pull request may close this issue.

fix #60 qs vulnerable version and fix #62 ci mongo binaries boly38/node-mongotools
1 participant
@boly38