Update Karma dependency to resolve security issues #952
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Resolves a subset of the security issues identified by `npm audit`.
Before:
found 27 vulnerabilities (16 low, 1 moderate, 9 high, 1 critical)
(full audit: https://gist.github.com/wincent/96a0bae65e9a5b681c3103bb6a9c5471)
After:
found 15 vulnerabilities (7 low, 1 moderate, 6 high, 1 critical)
(full audit: https://gist.github.com/wincent/c61df833b3855ea5efa1ae108e7c5006)
`npm run test` is clean after the update:
```
15 01 2019 14:06:26.772:INFO [karma]: Karma v1.4.0 server started at http://0.0.0.0:9876/
15 01 2019 14:06:26.773:INFO [launcher]: Launching browser Chrome with unlimited concurrency
15 01 2019 14:06:26.791:INFO [launcher]: Starting browser Chrome
15 01 2019 14:06:27.799:INFO [Chrome 71.0.3578 (Mac OS X 10.13.6)]: Connected on socket c-wYPd2u1z3iqI36AAAA with id 39092991
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 87 of 356 SUCCESS (0 secs / 0.405 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 92 of 356 (skipped 6) SUCCESS (0 secs / 0.433 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 103 of 356 (skipped 6) SUCCESS (0 secs / 0.552 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 111 of 356 (skipped 6) SUCCESS (0 secs / 0.859 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 119 of 356 (skipped 6) SUCCESS (0 secs / 1.163 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 121 of 356 (skipped 6) SUCCESS (0 secs / 1.164 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 174 of 356 (skipped 8) SUCCESS (0 secs / 1.37 secs)
ERROR: 'Warning: `value` prop on `%s` should not be null. Consider using an empty string to clear the component or `undefined` for uncontrolled components.%s', 'input', '
in input
in div
in div
in div
in _class'
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 322 of 356 (skipped 14) SUCCESS (0 secs / 2.382 secs)
Chrome 71.0.3578 (Mac OS X 10.13.6): Executed 342 of 356 (skipped 14) SUCCESS (5.33 secs / 2.429 secs)
```
Related: https://issues.liferay.com/browse/IFI-405
|
@julien: If I see any small things like this as I go along I will put up PRs for them. |
|
@wincent great. Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves a subset of the security issues identified by
npm audit.Before:
(full audit: https://gist.github.com/wincent/96a0bae65e9a5b681c3103bb6a9c5471)
After:
(full audit: https://gist.github.com/wincent/c61df833b3855ea5efa1ae108e7c5006)
npm run testis clean after the update:Related: https://issues.liferay.com/browse/IFI-405