WhiteSource scan warning #93

Sprokopyak · 2019-05-22T15:28:02Z

Hello,

At our Angular project we are using node-sass package for compiling files from .scss to normal .css file. Node-sass has some other dependencies and in one of them is included js-base64 packge.

On the project, we also run WhiteSource scan during the builds, and it displays an alert - "Security Vulnerability" because of using an old version of the jquery library inside js-base64/test/index.html file and as a solution to fix this problem it proposes to upgrade jquery version from 2.1.4 to 3.4.0. See at the attached screenshot.
.

So, could you please upgrade jquery version to 3.4.0 inside js-base64/test/index.html file?

The text was updated successfully, but these errors were encountered:

sv3k · 2019-08-21T15:43:35Z

We have the same warning on all the angular projects. Adding the ./test folder to .npmignore looks like an easy fix. Plus, having millions of weekly downloads for this lib, it could save gigabytes of traffic.

dankogai · 2019-08-22T04:30:55Z

@Sprokopyak Fixed in cf8fc4a

@sv3k adding ./test to .npmignore' breaks npm test` so I consider that too much.

Sprokopyak mentioned this issue May 23, 2019

Fix WhiteSource warnings #94

Closed

dankogai added a commit that referenced this issue Aug 22, 2019

test/index.html:update jquery ver. to 3.4.0 to address #93

cf8fc4a

dankogai closed this as completed Aug 22, 2019

scott-m-sarsfield mentioned this issue Jun 15, 2020

WhiteSource scan warning - CVE-2020-11022 #109

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WhiteSource scan warning #93

WhiteSource scan warning #93

Sprokopyak commented May 22, 2019

sv3k commented Aug 21, 2019

dankogai commented Aug 22, 2019

WhiteSource scan warning #93

WhiteSource scan warning #93

Comments

Sprokopyak commented May 22, 2019

sv3k commented Aug 21, 2019

dankogai commented Aug 22, 2019