OFBiz OFBiz - Dev

Releasing 16.11.06 and vulnerable js libs

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Jacques Le Roux
Reply | Threaded
Open this post in threaded view
|

Releasing 16.11.06 and vulnerable js libs

Jacques Le Roux
Administrator
Hi,

The PMC wants to release the 16.11.06 version "soon" (ASAP actually). For that some points need to be done.

One notably is OFBIZ-10678 "Check embedded Javascript libs vulnerabilities using retire.js"

I had a look today and there are no high vulnerabilities which is good.

There are few medium and low and it would be better to fix them. Notably because 16.11.06 will certainly be our last R16 version.

I expect to work on it but I have other important tasks to do before we can release (removing Gradle and OFBIZ-10427 come to mind) and all help would
be appreciated

TIA

Jacques

adityasharma
Reply | Threaded
Open this post in threaded view
|

Re: Releasing 16.11.06 and vulnerable js libs

adityasharma
Hi Jacques,

I am up for it.

Thanks and Regards
Aditya Sharma

On Thu, Jun 6, 2019, 7:16 PM Jacques Le Roux <[hidden email]>
wrote:

> Hi,
>
> The PMC wants to release the 16.11.06 version "soon" (ASAP actually). For
> that some points need to be done.
>
> One notably is OFBIZ-10678 "Check embedded Javascript libs vulnerabilities
> using retire.js"
>
> I had a look today and there are no high vulnerabilities which is good.
>
> There are few medium and low and it would be better to fix them. Notably
> because 16.11.06 will certainly be our last R16 version.
>
> I expect to work on it but I have other important tasks to do before we
> can release (removing Gradle and OFBIZ-10427 come to mind) and all help
> would
> be appreciated
>
> TIA
>
> Jacques
>
>
Free forum by Nabble Edit this page