This repository has been archived by the owner on Nov 4, 2024. It is now read-only.
Update Browserslist DB #27
arbrandesupdate-browserslist-db.yml
on: schedule
Matrix: update-browserslist / update-dep
Annotations
1 error
|
update-browserslist / update-dep (16, 8.5.x)
Unexpected error:
> @edx/[email protected] lint
> fedx-scripts eslint . --ext .js,.jsx
Running with resolved config:
/home/runner/work/frontend-app-payment/frontend-app-payment/.eslintrc.js
> @edx/[email protected] audit:allowlisted
> npx audit-ci --config audit-ci.json
audit-ci version: 6.6.1
NPM audit report results:
{
"advisories": {
"@edx/frontend-component-footer": {
"name": "@edx/frontend-component-footer",
"severity": "moderate",
"isDirect": true,
"via": [
"@edx/frontend-platform"
],
"effects": [],
"range": ">=10.0.0",
"nodes": [
"node_modules/@edx/frontend-component-footer"
],
"fixAvailable": {
"name": "@edx/frontend-component-footer",
"version": "9.0.1",
"isSemVerMajor": true
}
},
"@edx/frontend-component-header": {
"name": "@edx/frontend-component-header",
"severity": "moderate",
"isDirect": true,
"via": [
"@edx/frontend-platform"
],
"effects": [],
"range": ">=2.0.0",
"nodes": [
"node_modules/@edx/frontend-component-header"
],
"fixAvailable": {
"name": "@edx/frontend-component-header",
"version": "1.1.5",
"isSemVerMajor": true
}
},
"@edx/frontend-platform": {
"name": "@edx/frontend-platform",
"severity": "moderate",
"isDirect": true,
"via": [
"axios"
],
"effects": [
"@edx/frontend-component-footer",
"@edx/frontend-component-header"
],
"range": "*",
"nodes": [
"node_modules/@edx/frontend-platform"
],
"fixAvailable": {
"name": "@edx/frontend-component-header",
"version": "1.1.5",
"isSemVerMajor": true
}
},
"@edx/reactifex": {
"name": "@edx/reactifex",
"severity": "moderate",
"isDirect": true,
"via": [
"axios"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@edx/reactifex"
],
"fixAvailable": false
},
"axios": {
"name": "axios",
"severity": "moderate",
"isDirect": true,
"via": [
{
"source": 1094889,
"name": "axios",
"dependency": "axios",
"title": "Axios Cross-Site Request Forgery Vulnerability",
"url": "https://github.com/advisories/GHSA-wf5p-g6vw-rhxx",
"severity": "moderate",
"range": ">=0.8.1 <1.6.0"
}
],
"effects": [
"@edx/frontend-platform",
"@edx/reactifex"
],
"range": "0.8.1 - 1.5.1",
"nodes": [
"node_modules/@edx/reactifex/node_modules/axios",
"node_modules/axios"
],
"fixAvailable": {
"name": "@edx/frontend-component-header",
"version": "1.1.5",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 5,
"high": 0,
"critical": 0,
"total": 5
},
"dependencies": {
"prod": 1745,
"dev": 137,
"optional": 10,
"peer": 2,
"peerOptional": 0,
"total": 1893
}
}
}
Consider not allowlisting advisory: GHSA-hpx4-r86g-5jrg.
Found vulnerable advisory paths:
GHSA-wf5p-g6vw-rhxx|axios
GHSA-wf5p-g6vw-rhxx|@edx/frontend-component-footer>@edx/frontend-platform>axios
GHSA-wf5p-g6vw-rhxx|@edx/frontend-component-header>@edx/frontend-platform>axios
GHSA-wf5p-g6vw-rhxx|@edx/reactifex>axios
Failed security audit due to moderate vulnerabilities.
Vulnerable advisories are:
https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
Exiting...
husky - pre-commit hook exited with code 1 (error)
|