nodejs same version number in all the dependencies


nodejs same version number in all the dependencies



During docker vulnerability check we found that package minimatch has vulnerabilities. Due to this we have to use minimatch package to latest which is 3.0.4.



I have copied the package-lock.json in the js section of fiddler https://jsfiddle.net/Loecjuy4/1/


"minimatch": "3.0.4" instead of "minimatch": "2.0.10"



If you search the package-lock.json at fiddler link that I provided, you will find minimatch as dependencies in many places sometimes version 3.0.4 is used (line 2022 in eslint) while in other places version 2.0.10 is used (line 3170).



I want to know a way such that package minimatch has the same version 3.0.4 in all the places of package-lock.json. I have tried shrinkwrap but it too shows different version of minimatch.





You tagged your question with [docker] tag, could you please indicate the relevance? Also where did you get your package-lock.json from?
– Andrew Savinykh
12 hours ago


package-lock.json





Remove the package-lock.json and regenerate it
– Tarun Lalwani
9 hours ago


package-lock.json





Open an issue at the relevant repository of packages that use the outdated version as dependency, after you updated these packages to the latest version.
– nijm
6 mins ago





1 Answer
1



Update all your dependencies to the latest version. If the old version is still in your package-lock.json, it means that the dependencies you use have a dependency itself on the old version. You should then probably contact the maintainers of these packages to upgrade their dependencies (i.e. by opening an issue on their respective repository).


package-lock.json






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

Comments

Post a Comment

Popular posts from this blog

paramiko-expect timeout is happening after executing the command

paramiko-expect timeout is happening after executing the command Can someone help me why timeout is happening after executing the command .I am trying to SSH to a machine and execute a command.I want to store the result of the executed command . I have referred paramiko-timeout but i didn't get my expected result. import traceback try: import paramiko except ImportError: raise Exception("Please install paramiko , pip install paramiko") import pexpect from paramiko_expect import SSHClientInteraction def main(): HOSTNAME = "minion5.net" USERNAME = "root" PASSWORD = "help@432" PROMPT = "root@*:~$s+" try: client = paramiko.SSHClient() client.load_system_host_keys() client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) client.connect(hostname=HOSTNAME, username=USERNAME, password=PASSWORD) with SSHClientInteraction(client, timeout=20, display=True) as interact: ...
Read more

Opening a url is failing in Swift

Opening a url is failing in Swift breakpointing inside the callback and logging success shows false. I added itms-apps to my plist: LSApplicationQueriesSchemes and put this in my app delegate: func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any] = [:]) -> Bool { return true } func moreTapped() { let url = NSURL(string: "itms-apps://itunes.com/developer/quantum-productions/id979315877") if #available(iOS 10.0, *) { UIApplication.shared.open(url! as URL, options: [:], completionHandler: {(success: Bool) in }) } else { UIApplication.shared.openURL(url! as URL) } } Are you testing on a real device? – rmaddy Jun 21 at 23:57 I try on a device, get "Cannot Connect to App Store". Device is online ...
Read more

Export result set on Dbeaver to CSV

Export result set on Dbeaver to CSV Normally I use Dbeaver for windows and always export my result set like this: run my query --> select the result --> export the result set --> select export to clipboard --> done This step by step puts my result set in my clipboard and I can paste it wherever I want to work with it. The problem is that now I am using dbeaver for mac and this guide is not working. I can go on until the moment that I select my result set like in the image below: exporting data set But once I go further in the process, in the last step I get: no query Note that in "source" it was suppose to show the query that originated the result set, but instead it says just "select. As a result it does't select my result or anything (besides being "successful"). Normally my query would show up there automatically and I couldn't find any option that corrects this problem in the menus. Please help me! Thanks. Aft...
Read more