Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Identify And Fix NPM Vulnerabilities In All Repositories - mid-September #2532

Closed
3 of 7 tasks
nickaddy opened this issue Aug 6, 2024 · 4 comments · Fixed by jac-uk/digital-platform#1194 or jac-uk/assessments#190 · May be fixed by jac-uk/apply#1222
Closed
3 of 7 tasks

Identify And Fix NPM Vulnerabilities In All Repositories - mid-September #2532

nickaddy opened this issue Aug 6, 2024 · 4 comments · Fixed by jac-uk/digital-platform#1194 or jac-uk/assessments#190 · May be fixed by jac-uk/apply#1222
Assignees
@drieJAC
Labels
Tech Debt Tech Debt from the project

Comments

@nickaddy
Copy link
Contributor

nickaddy commented Aug 6, 2024
edited by KoWeiJAC
Loading

Background

Identify and fix NPM vulnerabilities in all repos. This should be conducted in the middle of the month to ensure it is regular. Once completed, the ticket should be duplicated and renamed for the next sprint.

User Story

For all repositories, on a monthly basis and as a developer, I want to run NPM audit checks to expose any new NPM vulnerabilities and fix them to prevent ongoing security issues from package dependencies.

Feature(s) Description

Ensure there are no vulnerabilities in the following repos:

  • admin
  • apply
  • digital-platform
  • assessments
  • qt
  • qt admin
  • qt platform
@nickaddy nickaddy added the Tech Debt Tech Debt from the project label Aug 6, 2024
@nickaddy nickaddy changed the title Copy of Identify And Fix NPM Vulnerabilities In All Repositiories Identify And Fix NPM Vulnerabilities In All Repositories - September Aug 6, 2024
@nickaddy
Copy link
Contributor Author

nickaddy commented Aug 6, 2024

@HalcyonJAC @tomlovesgithub I've created a duplicate of this ticket for September - perhaps we could make that the responsibility of whoever is working on the current ticket to make a duplicate for the next month?

@tomlovesgithub
Copy link
Contributor

New tickets will be created for any vulnerability that are found by running audit checks against each repo, and will be estimated individually.

@nickaddy nickaddy changed the title Identify And Fix NPM Vulnerabilities In All Repositories - September Identify And Fix NPM Vulnerabilities In All Repositories - mid-September Aug 30, 2024
@drieJAC
Copy link
Contributor

drieJAC commented Sep 13, 2024

Fixes were applied to the following repos:

apply: jac-uk/apply#1222
assessments: jac-uk/assessments#190
digital-platform: jac-uk/digital-platform#1194

This was referenced Sep 13, 2024
Merged
Open
Merged
@drieJAC drieJAC assigned drieJAC and unassigned HalcyonJAC Sep 13, 2024
@nickaddy
Copy link
Contributor Author

@drieJAC Is this task complete for September? If so, can a duplicate be created for October and this ticket closed pls?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@drieJAC drieJAC

Labels
Tech Debt Tech Debt from the project
Projects
None yet
Milestone
No milestone
4 participants
@tomlovesgithub @HalcyonJAC @drieJAC @nickaddy