npm vulnerability: `minimist` #8722

bsclifton · 2020-03-17T16:36:11Z

Description

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ minimist                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ jest [dev]                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ jest > @jest/core > jest-runner > jest-jasmine2 >            │
│               │ jest-runtime > @jest/transform > jest-haste-map > sane >     │
│               │ @cnakazawa/watch > minimist                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1179                            │
└───────────────┴──────────────────────────────────────────────────────────────┘

Steps to Reproduce

Have full setup of Brave
run npm run audit_deps from root
have a bad time

The text was updated successfully, but these errors were encountered:

…t vulnerabilities Helps to fix brave/brave-browser#8722

…t vulnerabilities Helps to fix #8722

Partially resolves brave/brave-browser#8722

…t vulnerabilities Helps to fix brave/brave-browser#8722

…t vulnerabilities Helps to fix #8722

…t vulnerabilities Helps to fix brave/brave-browser#8722

Fixes #8722

bsclifton · 2020-03-24T21:01:55Z

Should be completely resolved with brave/brave-core#5013 and #8788

Fixes #8722 for 1.7 (`brave-browser`)

Fixes brave/brave-browser#8722 for 1.7 (`brave-core`)

bsclifton added the dev-concern label Mar 17, 2020

bsclifton added this to the 1.8.x - Nightly milestone Mar 17, 2020

This was referenced Mar 17, 2020

Fixed rewards settings page behaviour after reset rewards (uplift to 1.7.x) brave/brave-core#4965

Merged

Fixed rewards settings page behaviour after reset rewards (uplift to 1.5.x) brave/brave-core#4966

Merged

bsclifton closed this as completed in 4fccad7 Mar 17, 2020

bsclifton mentioned this issue Mar 17, 2020

Resolve npm vulnerabilities (part 1 of 3) #8724

Merged

29 tasks

bsclifton reopened this Mar 17, 2020

bsclifton mentioned this issue Mar 18, 2020

WIP: Resolve npm vulnerabilities (part 3 of 3) brave/brave-core#4977

Closed

32 tasks

bsclifton added a commit to brave/sync that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

13e6b9c

…t vulnerabilities Helps to fix brave/brave-browser#8722

bsclifton added a commit to brave/sync that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

372fe7d

…t vulnerabilities Helps to fix brave/brave-browser#8722

This was referenced Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audit vulnerabilities brave/sync#374

Merged

Introduce npm-force-resolutions dependency to help resolve npm audit vulnerabilities brave/sync#375

Merged

bsclifton added QA/No release-notes/exclude labels Mar 18, 2020

bsclifton added a commit that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

54cb764

…t vulnerabilities Helps to fix #8722

bsclifton mentioned this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audit vulnerabilities #8735

Closed

29 tasks

bsclifton self-assigned this Mar 18, 2020

ryanml added a commit to brave/brave-core that referenced this issue Mar 18, 2020

Adds npm-force-resolutions dependency

6a0ddbf

Partially resolves brave/brave-browser#8722

bsclifton added a commit to brave/brave-core that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

e0424d6

…t vulnerabilities Helps to fix brave/brave-browser#8722

bsclifton added a commit that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

492815e

…t vulnerabilities Helps to fix #8722

bsclifton added a commit to brave/sync that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

fac6066

…t vulnerabilities Helps to fix brave/brave-browser#8722

bsclifton added a commit to brave/sync that referenced this issue Mar 18, 2020

Introduce npm-force-resolutions dependency to help resolve npm audi…

fb336a7

…t vulnerabilities Helps to fix brave/brave-browser#8722

bsclifton added a commit that referenced this issue Mar 24, 2020

Rebuild package-lock.json to fix npm audit errors

938e733

Fixes #8722

bsclifton assigned cezaraugusto Mar 24, 2020

bsclifton closed this as completed in #8788 Mar 24, 2020

bsclifton added a commit that referenced this issue Mar 31, 2020

Update npm deps for 1.7

de15d61

Fixes #8722 for 1.7 (`brave-browser`)

bsclifton added a commit to brave/brave-core that referenced this issue Mar 31, 2020

Update npm deps for 1.7

ea2de73

Fixes brave/brave-browser#8722 for 1.7 (`brave-core`)

This was referenced Mar 31, 2020

Fix npm audit vulnerabilities for 1.7.x brave/brave-core#5115

Closed

Fix npm audit vulnerabilities for 1.7.x #8940

Closed

bbondy added this to the 1.7.x - Release milestone Jun 1, 2020

bbondy unassigned cezaraugusto Jun 1, 2020

bbondy modified the milestones: 1.7.x - Release, 1.8.x - Release Jun 1, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

npm vulnerability: `minimist` #8722

npm vulnerability: `minimist` #8722

bsclifton commented Mar 17, 2020

bsclifton commented Mar 24, 2020

npm vulnerability: minimist #8722

npm vulnerability: minimist #8722

Comments

bsclifton commented Mar 17, 2020

Description

Steps to Reproduce

bsclifton commented Mar 24, 2020

npm vulnerability: `minimist` #8722

npm vulnerability: `minimist` #8722