Skip to content
This repository was archived by the owner on Jul 29, 2024. It is now read-only.
This repository was archived by the owner on Jul 29, 2024. It is now read-only.

protractor > optimist > minimist Prototype Pollution #5413

Closed
#5416
Closed
protractor > optimist > minimist Prototype Pollution#5413
#5416
@sdavids

Description

@sdavids
sdavids
opened on Mar 26, 2020

Bug report

  • Node Version: v13.10.1
  • Protractor Version: 5.4.3
  • Angular Version: 9.1.0
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ minimist                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ protractor [dev]                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ protractor > optimist > minimist                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1179                            │
└───────────────┴──────────────────────────────────────────────────────────────┘

optimist is deprecated--maybe update to yargs?

Activity

alan-agius4
added 2 commits that reference this issue on Mar 31, 2020

fix: security pototype pollution

7b14072

fix: security prototype pollution

e29fbbc
alan-agius4
mentioned this on Mar 31, 2020
alan-agius4
added 2 commits that reference this issue on Mar 31, 2020

fix: security prototype pollution

daef393

fix: security prototype pollution

4acc0a1
colbyhill21

colbyhill21 commented on Apr 9, 2020

@colbyhill21
colbyhill21
on Apr 9, 2020

The change has been completed by @alan-agius4 although it still hasn't been merged in. Is there any estimate on when these changes will be merged and released?

inpercima

inpercima commented on Apr 11, 2020

@inpercima
inpercima
on Apr 11, 2020

Is there a way to merge this existing pull request?

alan-agius4
added a commit that references this issue on Apr 11, 2020

fix: security prototype pollution

6e6584a
kyliau
added a commit that references this issue on Apr 15, 2020

fix: security prototype pollution

ad8ce86
kyliau
closed this as completedin #5416on Apr 15, 2020
kyliau
added 2 commits that reference this issue on Apr 15, 2020

fix: security prototype pollution

3b7fe02

fix: security prototype pollution

7602f47
kyliau
mentioned this on Apr 15, 2020
alan-agius4
added 2 commits that reference this issue on Apr 16, 2020

fix: security prototype pollution

f417221

fix: security prototype pollution

1d9fe84

4 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      protractor > optimist > minimist Prototype Pollution · Issue #5413 · angular/protractor