Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated package.json to include all non-breaking security fixes #3061

Open
wants to merge 4 commits into
base: dev
Choose a base branch
from
Open

Updated package.json to include all non-breaking security fixes #3061

wants to merge 4 commits into from

Conversation

nf3
Copy link

@nf3 nf3 commented May 12, 2022

NPM Package changelog

npm install dotenv
npm install oidc-client

npm install [email protected]
npm install [email protected]
npm install [email protected]
npm install [email protected]
npm install [email protected]

npm install --save-dev [email protected]
npm install --save-dev [email protected]

npm install --save-dev [email protected]
npm install --save-dev [email protected]
npm install --save-dev [email protected]

npm update ansi-regex --depth 5
npm update terser-webpack-plugin --depth 2
npm update ajv --depth 4
npm update null --depth 2

npm install --save-dev [email protected]
npm install --save-dev [email protected]
npm install --save-dev [email protected]
npm install --save-dev [email protected]
npm install --save-dev [email protected]
npm install --save-dev [email protected]

npm install npm@latest -g

npm install --legacy-peer-deps

plus the following overrides

"glob-parent": { ".": "^6.0.2"},
"semver-regex": { ".": "^3.1.3"},
"minimist": { ".": "^1.2.6" },
"tar": { ".": "^6.1.11"},
"ini": { ".": "^1.3.6"},
"ejs": { ".": "^3.1.8"}

julienben and others added 2 commits April 18, 2019 20:48
@julienben @gretzky
@mjhost @ngtan @jwinn @paulogdm @nshimiye @ryanswrt @spawnia @khayyamsaleem @vvozibic @lsanders
Merge pull request react-boilerplate#2632 from react-boilerplate/dev
d19099a 
The Big 4.0!

Co-authored-by: Sara Federico <[email protected]>
Co-authored-by: Paolo Mariotti <[email protected]>
Co-authored-by:  <[email protected]>
Co-authored-by: Tan Nguyen <[email protected]>
Co-authored-by: Jon Winn <[email protected]>
Co-authored-by: paulogdm <[email protected]>
Co-authored-by: Marcellin Nshimiyimana <[email protected]>
Co-authored-by: Ryan Swart <[email protected]>
Co-authored-by: Benedikt Franke <[email protected]>
Co-authored-by: Khayyam Saleem <[email protected]>
Co-authored-by: Vladimir Cibizov <[email protected]>
Co-authored-by: Al-un <[email protected]>
Co-authored-by: Larry <[email protected]>
@nf3
Updated package.json to include all security fixes
eebceff
nf3 added 2 commits May 25, 2022 16:57
@nf3
Integrate User Authentication using the Vault Vision Login-as-a-Service
f11f44c 
There are a few key areas updated to add support for the Vault Vision Login-as-a-Service

- Add Sagas flows for the loading user context from session storage and for validating the post authorization JWT token that first established a user as being authenticated by the Vault Vision OIDC identity provider

- Add Actions for pre and post user loading and pre and post callback authorization api call

- Add appropriate Reducers to consume Saga and Action triggers in order to modify Redux state

- Update unit tests to 100% PASS

- Create a PrivateRoute component that can be used to easily protect pages and routes that require authentication

- Create an example Dashboard page that requires authentication

- Create an example Profile page that requires authentication and displays all the available user data for an authenticated user

- Create SignIn, SignUp, SignOut button Components

- Integrate the NPM oidc-client

- Add a userManager that interfaces to the open source OIDC client library

- Add support for reading environment variables for OIDC settings using dotenv

- Update NPM packages to have 0 known vulnerabilities
@nf3
Update the semver-regex package from 3.1.3 to 3.1.4 for a vulnerability
6f92eed 
The semver-regex package listed a vulnerability in the npm audit for version 3.1.3, this vulnerability was fixed in 3.1.4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julienben julienben Awaiting requested review from julienben julienben is a code owner

@gretzky gretzky Awaiting requested review from gretzky gretzky is a code owner

@justingreenberg justingreenberg Awaiting requested review from justingreenberg justingreenberg is a code owner

@jwinn jwinn Awaiting requested review from jwinn jwinn is a code owner

@Mensae Mensae Awaiting requested review from Mensae Mensae is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nf3 @julienben