inflight security issue in @nx/webpack #28541
Assignees
Labels
Comments
jaysoo
added a commit
that referenced
this issue
Nov 1, 2024
<!-- Please make sure you have read the submission guidelines before posting an PR --> <!-- https://github.com/nrwl/nx/blob/master/CONTRIBUTING.md#-submitting-a-pr --> <!-- Please make sure that your commit message follows our format --> <!-- Example: `fix(nx): must begin with lowercase` --> <!-- If this is a particularly complex change or feature addition, you can request a dedicated Nx release for this pull request branch. Mention someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they will confirm if the PR warrants its own release for testing purposes, and generate it for you if appropriate. --> ## Current Behavior <!-- This is the behavior we have today --> ## Expected Behavior <!-- This is the behavior we should expect with the changes in this PR --> ## Related Issue(s) <!-- Please link the issue being fixed so it gets closed when this is merged. --> Fixes #28541
FrozenPandaz
pushed a commit
that referenced
this issue
Nov 12, 2024
<!-- Please make sure you have read the submission guidelines before posting an PR --> <!-- https://github.com/nrwl/nx/blob/master/CONTRIBUTING.md#-submitting-a-pr --> <!-- Please make sure that your commit message follows our format --> <!-- Example: `fix(nx): must begin with lowercase` --> <!-- If this is a particularly complex change or feature addition, you can request a dedicated Nx release for this pull request branch. Mention someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they will confirm if the PR warrants its own release for testing purposes, and generate it for you if appropriate. --> ## Current Behavior <!-- This is the behavior we have today --> ## Expected Behavior <!-- This is the behavior we should expect with the changes in this PR --> ## Related Issue(s) <!-- Please link the issue being fixed so it gets closed when this is merged. --> Fixes #28541 (cherry picked from commit 8e460f1)
|
This issue has been closed for more than 30 days. If this issue is still occuring, please open a new issue with more recent context. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Current Behavior
Currently my app have a security issue due to @nx/webpack dependencies:
stylus@0.59.0 > glob@7.2.3 > inflight@1.0.6
https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
Expected Behavior
No severity issues caused by nx
GitHub Repo
No response
Steps to Reproduce
npx snyk test @nx/webpack@20.0.3Nx Report
Node : 22.9.0
OS : win32-x64
Native Target : x86_64-windows
npm : 10.9.0
nx : 20.0.2
@nx/js : 20.0.2
@nx/jest : 20.0.2
@nx/eslint : 20.0.2
@nx/workspace : 20.0.2
@nx/angular : 20.0.2
@nx/cypress : 20.0.2
@nx/devkit : 19.8.2
@nx/eslint-plugin : 20.0.2
@nrwl/tao : 19.8.4
@nx/web : 20.0.2
@nx/webpack : 20.0.2
typescript : 5.5.4
Registered Plugins:
@nx/eslint/plugin
@nx/cypress/plugin
Community plugins:
@ng-bootstrap/ng-bootstrap : 17.0.1
@ngrx/eslint-plugin : 18.1.0
@ngrx/signals : 18.1.0
ng-extract-i18n-merge : 2.12.0
ngx-toastr : 19.0.0
ngxtension : 4.0.0
nx-stylelint : 18.0.0
The following packages should match the installed version of nx
Failure Logs
No response
Package Manager Version
No response
Operating System
Additional Information
No response
The text was updated successfully, but these errors were encountered: