Fix: 'npm audit fix' changes for semver - Githubissues

apache / couchdb-fauxton

Fauxton is the new Web UI for CouchDB

https://github.com/apache/couchdb-fauxton

Apache License 2.0

382 stars 224 forks source link

Fix: 'npm audit fix' changes for semver #1399

Closed Antonio-Maranhao closed 1 year ago

Antonio-Maranhao commented 1 year ago

Overview

Partially addresses vulnerability CVE-2022-25883 on semver by running npm audit fix.

There are still many uses of semver <7.5.2 but they're all from dev dependencies - i.e. the vulnerability will not affect a Fauxton build.

Testing recommendations

CI passes

GitHub issue number

n/a

Related Pull Requests

n/a

Checklist

[x] Code is written and works correctly;
[x] Changes are covered by tests;
[ ] Documentation reflects the changes;
[ ] Update rebar.config.script with the correct tag once a new Fauxton release is made