Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): upgrade fabric 2.x deps to 2.2.18 #2610

Closed
petermetz opened this issue Aug 12, 2023 · 0 comments · Fixed by #2611
Closed

fix(security): upgrade fabric 2.x deps to 2.2.18 #2610

petermetz opened this issue Aug 12, 2023 · 0 comments · Fixed by #2611
Assignees
@petermetz
Labels
bug Something isn't working dependencies Pull requests that update a dependency file P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities
Milestone
v2.0.0-alpha.2

Comments

@petermetz
Copy link
Contributor

In order to partially fix this problem with older versions of nconf we need to perform
a minor upgrade for fabric 2.2.x npm dependencies.

The complete solution will be to also completely eliminate Fabric 1.4.x usage
but another issue already covers that.

https://github.com/hyperledger/cacti/security/dependabot/131
@petermetz petermetz added bug Something isn't working dependencies Pull requests that update a dependency file P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities labels Aug 12, 2023
@petermetz petermetz self-assigned this Aug 12, 2023
@petermetz petermetz added this to the v2.0.0-alpha.2 milestone Aug 12, 2023
petermetz added a commit to petermetz/cacti that referenced this issue Aug 12, 2023
@petermetz
fix(security): upgrade fabric 2.x deps to 2.2.18
9ffd220 
Also performed a snapshot upgrade where needed.

Fixes hyperledger-cacti#2610

Signed-off-by: Peter Somogyvari <[email protected]>
@petermetz petermetz mentioned this issue Aug 12, 2023
Merged
petermetz added a commit to petermetz/cacti that referenced this issue Aug 17, 2023
@petermetz
fix(security): upgrade fabric 2.x deps to 2.2.18
1e791fe 
Also performed a snapshot upgrade where needed.

Fixes hyperledger-cacti#2610

Signed-off-by: Peter Somogyvari <[email protected]>
petermetz added a commit to petermetz/cacti that referenced this issue Aug 17, 2023
@petermetz
fix(security): upgrade fabric 2.x deps to 2.2.18
4c71e6b 
Also performed a snapshot upgrade where needed.

Fixes hyperledger-cacti#2610

Signed-off-by: Peter Somogyvari <[email protected]>
petermetz added a commit that referenced this issue Aug 18, 2023
@petermetz
fix(security): upgrade fabric 2.x deps to 2.2.18
36988a5 
Also performed a snapshot upgrade where needed.

Fixes #2610

Signed-off-by: Peter Somogyvari <[email protected]>
sandeepnRES pushed a commit to sandeepnRES/cacti that referenced this issue Dec 21, 2023
@petermetz @sandeepnRES
fix(security): upgrade fabric 2.x deps to 2.2.18
10c42aa 
Also performed a snapshot upgrade where needed.

Fixes hyperledger-cacti#2610

Signed-off-by: Peter Somogyvari <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@petermetz petermetz

Labels
bug Something isn't working dependencies Pull requests that update a dependency file P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities
Projects
None yet
Milestone
v2.0.0-alpha.2
Development

Successfully merging a pull request may close this issue.

fix(security): upgrade fabric 2.x deps to 2.2.18 petermetz/cacti
1 participant
@petermetz