[NPMCLI-198] high-severity security vulnerability "npm:adm-zip:20180415" - Magnolia - Issue tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.7
Labels:
None

Template:
customfield_14145 72371
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less
Bug DoR:

show more show less
Release notes required:

Yes
Epic Link:
Support
Sprint:
Foundation 6
Story Points:
3

Description

Magnolia cli has a dependency on an old version of adm-zip which has a security vulnerability. More info here: https://snyk.io/vuln/npm:adm-zip:20180415

Please update the dependency, so that I can have magnolia-cli approved by my security team.

Checklists

Acceptance criteria

Attachments

Issue Links

caused by

NPMCLI-182 CLI jumpstart fails - due to regression in adm-zip dependency

Closed

supersedes

NPMCLI-186 Unpin adm-zip dependency or replace it with a different library

Closed

Activity

People

Assignee:: Federico Grilli

Reporter:: Samantha Mannino

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 19/Dec/18 4:50 PM

Updated:: 12/Mar/19 1:45 PM

Resolved:: 11/Mar/19 5:13 PM

Date of First Response:: 19/Dec/18 5:12 PM

Checklists

Bug DoR

Task DoD

Jenkins Builds

No builds found.