Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade some dependency to fix security problems. #3115

Closed
4 tasks done
KomachiSion opened this issue Jun 19, 2020 · 0 comments
Closed
4 tasks done

Upgrade some dependency to fix security problems. #3115

KomachiSion opened this issue Jun 19, 2020 · 0 comments
Assignees
@jameslcj @KomachiSion
Labels
dependencies Pull requests that update a dependency file priority/high Very important, need to be worked with soon but not very urgent
Milestone
1.3.1

Comments

@KomachiSion
Copy link
Collaborator

KomachiSion commented Jun 19, 2020
edited by jameslcj
Loading

Issue Description

Type: bug report

Describe what happened (or what feature you want)

Currently, Github has report 4 security dependency alerts.

  • Jackson
  • guava
  • websocket-extensions
  • jquery

two are in server and other two is console web.

Describe what you expected to happen

I plan to upgrade these dependency to new version according Github's suggestion in 1.3.1 .
@KomachiSion KomachiSion added priority/high Very important, need to be worked with soon but not very urgent kind/bug Category issues or prs related to bug. dependencies Pull requests that update a dependency file labels Jun 19, 2020
@KomachiSion KomachiSion added this to the 1.3.1 milestone Jun 19, 2020
@KomachiSion KomachiSion self-assigned this Jun 19, 2020
@KomachiSion KomachiSion mentioned this issue Jun 19, 2020
Merged
5 tasks
@KomachiSion KomachiSion removed the kind/bug Category issues or prs related to bug. label Jun 19, 2020
@KomachiSion KomachiSion assigned jameslcj and unassigned jameslcj Jun 24, 2020
jameslcj added a commit to jameslcj/nacos that referenced this issue Jun 29, 2020
@jameslcj
upgrade jquery alibaba#3115
dec9e11
@jameslcj jameslcj mentioned this issue Jun 29, 2020
Merged
5 tasks
jameslcj added a commit to jameslcj/nacos that referenced this issue Jun 29, 2020
@jameslcj
upgrade webpack to fix websocket-extensions security alibaba#3115
c4fdddd
KomachiSion pushed a commit that referenced this issue Jun 29, 2020
@jameslcj
Upgrade jquery dependency to fix security problems (#3201)
adb5bc9 
* upgrade jquery #3115

* upgrade webpack to fix websocket-extensions security #3115
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jameslcj jameslcj

@KomachiSion KomachiSion

Labels
dependencies Pull requests that update a dependency file priority/high Very important, need to be worked with soon but not very urgent
Projects
None yet
Milestone
1.3.1
Development

No branches or pull requests
2 participants
@jameslcj @KomachiSion