search

influxdata / influxdb-templates

This repo is a collection of dashboard templates used in the InfluxDB UI.
MIT License
7 stars 7 forks source link

CVE-2019-10747 #28

Open rickspencer3 opened 4 years ago

rickspencer3 commented 4 years ago

Could someone please address or silence the following vulnerable dependency notification?

https://github.com/influxdata/influxdb-templates/network/alert/yarn.lock/set-value/open

jsteenb2 commented 4 years ago

@rickspencer3 I can't find this alert anywhere, and I can't open up the link you shared.

@mhall119 / @russorat, do you know why we are seeing an issue with a yarn.lock file? had no idea there was JS in the repo...

jsteenb2 commented 4 years ago

ahh I see, this isn't the same as community tempaltes. These are the legacy templates. Explains why I don't have a clue what's going on here 🤷

mhall119 commented 4 years ago

You had me worried there for a minute, because there absolutely shouldn’t be a yarn.lock on the community-template! Michael Hall mhall@influxdata.com

On Apr 21, 2020, at 2:09 PM, Johnny Steenbergen notifications@github.com wrote:

ahh I see, this isn't the same as community tempaltes. These are the legacy templates. Explains why I don't have a clue what's going on here 🤷

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/influxdata/influxdb-templates/issues/28#issuecomment-617326307, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEP3BBDXTJPKIKPIOBMLELRNXOOBANCNFSM4MNP4LJA.