search

atomist-skills / docker-build-skill

Atomist Skill to build and push Docker images
Apache License 2.0
1 stars 0 forks source link

Fix ansi-regex > 6.0.1 #371

Closed atomist[bot] closed 2 years ago

atomist[bot] commented 2 years ago

This pull request fixes security vulnerabilities open on d323ee3 but 2 moderate vulnerabilities remain open and need manual review.

npm audit fix updated the following npm dependencies:

Fixed vulnerabilities

Following security vulnerability is fixed:

ansi-regex

Inefficient Regular Expression Complexity in chalk/ansi-regex moderate · >=6.0.0 <6.0.1 · CVE-2021-3807 · automatic fix available

ansi-regex@6.0.0 · 1 vulnerable path
  • @atomist/skill > strip-ansi > ansi-regex

    • Open vulnerabilities

    Following security vulnerabilities remain open and need manual review:

    ansi-regex

    Inefficient Regular Expression Complexity in chalk/ansi-regex moderate · >2.1.1 <5.0.1 · CVE-2021-3807 · automatic fix available

    ansi-regex@3.0.0 · 4 vulnerable paths
  • @atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
  • @atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex
  • @atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
  • @atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex

    • Inefficient Regular Expression Complexity in chalk/ansi-regex moderate · >=6.0.0 <6.0.1 · CVE-2021-3807 · automatic fix available

    ansi-regex@6.0.0 · 1 vulnerable path
  • @atomist/skill > strip-ansi > ansi-regex

    • File changed:

    atomist/npm-vulnerability-scanner-skill · Configure

    atomist[bot] commented 2 years ago

    Pull request auto merged: