Actions
Bug #17653
closed
Apply security related upgrades
Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Workbench2
Target version:
Story points:
-
Release:
Release relationship:
Auto
Updated by Lucas Di Pentima almost 3 years ago
- Status changed from New to In Progress
Updated by Lucas Di Pentima almost 3 years ago
- Target version changed from 2021-05-12 sprint to 2021-05-26 sprint
Updated by Lucas Di Pentima almost 3 years ago
- Target version changed from 2021-05-26 sprint to 2021-06-09 sprint
Updated by
Updated by Lucas Di Pentima almost 3 years ago
Updates at arvados-workbench2|d74fcba - branch 17653-security-upgrades
Test run: developer-tests-workbench2: #430 /console
Updated by Lucas Di Pentima almost 3 years ago
Updates at arvados-workbench2|30aa642
Test run: developer-tests-workbench2: #432
- Rebased to current master (from previous note)
- Adds some more upgrades
- Undo the
css-whatupgrade as it breaks the app (it's the only 'high' vulnerability package pending to be upgraded)
Results of running "yarn audit"¶
Before:¶
885 vulnerabilities found - Packages audited: 1893 Severity: 434 Low | 79 Moderate | 371 High | 1 Critical
After:¶
146 vulnerabilities found - Packages audited: 1928 Severity: 100 Low | 45 Moderate | 1 High
I believe this process could be safer and easier by removing dependencies to the stale react-scripts-ts package. I've found a guide to do this: https://vincenttunru.com/migrate-create-react-app-typescript-to-create-react-app/
Updated by Lucas Di Pentima almost 3 years ago
- % Done changed from 0 to 100
- Status changed from In Progress to Resolved
Applied in changeset arvados:arvados-workbench2|939693eea743bcb4fc74ae6de5d5d796f125ec17.
Actions