Fix/dependency vulnerability #22

Isabelar07 · 2021-09-25T03:50:26Z

fixes vulnerability of dependencies

vcwild · 2021-09-25T03:53:05Z

Resolves #21

DevRadhy

ok

RodrigoDornelles

Eu não manjo tanto do eco sistema de javascript, mas apareceu alguns alertas de dependências ultrapassadas, consegue aferir o impacto e talvez corrigir?

npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated @types/[email protected]: Mongoose publishes its own types, so you do not need to install this package.

Isabelar07 · 2021-09-27T21:58:35Z

não estamos usando uuid, usamos o object_id do mongo. Não sei se object_id usa o uuid por debaixo dos panos, mas acredito que isso não vai impactar na api, assim como os demais. Mas posso "atualizar" se for o caso. Em relação ao type do mongoose, vou deixar com ele mesmo. O emídio tem mais experiência com mongo e nestjs do que eu, então acredito que ele colocou o type por algum motivo.

RodrigoDornelles

Aprovado então! deixo para o @caio-emidio considerar essas coisas futuramente!

caio-emidio · 2021-09-29T18:59:26Z

Um esquema ali era ter dado upgrade e ver se vai dar B.O.

fix: dependency vulnerability

bc30c95

Isabelar07 requested review from caio-emidio, RodrigoDornelles, vcwild and DevRadhy September 25, 2021 03:50

Isabelar07 changed the base branch from main to develop September 25, 2021 03:50

DevRadhy approved these changes Sep 25, 2021

View reviewed changes

vcwild approved these changes Sep 25, 2021

View reviewed changes

This was linked to issues Sep 26, 2021

unable to resolve dependency tree #20

Closed

Problema com dependências do projeto #21

Closed

RodrigoDornelles suggested changes Sep 26, 2021

View reviewed changes

RodrigoDornelles approved these changes Sep 27, 2021

View reviewed changes

Isabelar07 merged commit d0a0aad into aHub-Tech:develop Sep 29, 2021

DevRadhy mentioned this pull request Oct 11, 2021

Migrar HubAPI para DigitalOcean #18

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix/dependency vulnerability #22

Fix/dependency vulnerability #22

Isabelar07 commented Sep 25, 2021

vcwild commented Sep 25, 2021

DevRadhy left a comment

RodrigoDornelles left a comment

Isabelar07 commented Sep 27, 2021

RodrigoDornelles left a comment

caio-emidio commented Sep 29, 2021

Fix/dependency vulnerability #22

Fix/dependency vulnerability #22

Conversation

Isabelar07 commented Sep 25, 2021

vcwild commented Sep 25, 2021

DevRadhy left a comment

Choose a reason for hiding this comment

RodrigoDornelles left a comment

Choose a reason for hiding this comment

Isabelar07 commented Sep 27, 2021

RodrigoDornelles left a comment

Choose a reason for hiding this comment

caio-emidio commented Sep 29, 2021