Closed jsjiang closed 6 months ago
From Joel Your team can update those two node packages yourselves. If you need help with that, I can guide you through the process; please let me know. After upgrading those packages, you'd then rebuild the UI, verify that it still looks the same and responds the same with mouse/pointer clicks. If not, then it's easy to roll back those package versions and rebuild the project again.
UCOP security scan using Bitsight found two insecure javascript libraries on EZID:
Detailed information can be found in this IAS ticket: https://github.com/cdlib/cdlsys/issues/363
EZID team needs to take actions and resolve this issue before next scan that may happen in 6 weeks. Marisa suggests to finish this upgrade in 4 weeks.
Bootstrap: