search

corona-warn-app / cwa-website

Corona-Warn-App website. The CWA development ended on May 31, 2023. You still can warn other users until April 30, 2023. More information:
https://coronawarn.app/en/faq/#ramp_down
Apache License 2.0
521 stars 224 forks source link

Update got | Remove warning #3374

Closed larswmh closed 1 year ago

larswmh commented 1 year ago

This PR updates got to a higher version so that the vulnerabilty warning disappears

Internal Tracking ID: EXPOSUREAPP-14718

MikeMcC399 commented 1 year ago

@larswmh

Good luck with this one!

$ npm ls got
corona-warn-app-landingpage@1.3.0
cwa-website
└─┬ gulp-imagemin@8.0.0
  └─┬ imagemin-gifsicle@7.0.0
    └─┬ gifsicle@5.3.0
      ├─┬ bin-build@3.0.0
      │ └─┬ download@6.2.5
      │   └── got@7.1.0
      └─┬ bin-wrapper@4.1.0
        └─┬ download@7.1.0
          └── got@8.3.2

As time goes on it will get more and more difficult with the gulp suite. gulp v4 itself is 4 years old. gulp v5 may never appear as users are moving to frameworks.

larswmh commented 1 year ago

Summarized all working PRs into one to simplify testing #3380.

@MikeMcC399 for now, we couldn't find a fix for it. As we still want to continue with the rest of the batch, I'll close this.