CVE-2019-10747
rickspencer3 opened this issue · comments
Rick Spencer commented
Could someone please address or silence the following vulnerable dependency notification?
https://github.com/influxdata/influxdb-templates/network/alert/yarn.lock/set-value/open
Johnny Steenbergen commented
@rickspencer3 I can't find this alert anywhere, and I can't open up the link you shared.
@mhall119 / @russorat, do you know why we are seeing an issue with a yarn.lock
file? had no idea there was JS in the repo...
Johnny Steenbergen commented
ahh I see, this isn't the same as community tempaltes. These are the legacy templates. Explains why I don't have a clue what's going on here 🤷
Michael Hall commented
You had me worried there for a minute, because there absolutely shouldn’t be a yarn.lock on the community-template!
Michael Hall
mhall@influxdata.com
… On Apr 21, 2020, at 2:09 PM, Johnny Steenbergen ***@***.***> wrote:
ahh I see, this isn't the same as community tempaltes. These are the legacy templates. Explains why I don't have a clue what's going on here 🤷
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#28 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAEP3BBDXTJPKIKPIOBMLELRNXOOBANCNFSM4MNP4LJA>.