Updating npm event-stream in Mahara package.json

Bug #1805492 reported by Robert Lyon on 2018-11-27
262
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Mahara
High
Unassigned
17.10
High
Unassigned
18.04
High
Unassigned
18.10
High
Unassigned
19.04
High
Unassigned

Bug Description

As the version in package.json is specified as "^3.3.4", there's the potential for version 3.3.6 to have been retrieved. We've seen this on at least one local Mahara instance.

The problematic version of the library has been pulled and version 3.3.4 is the last good version.

So will lock to version 3.3.4 for now.

Robert Lyon (robertl-9) wrote :

One will need to run:

 npm install event-stream@3.3.4

to get the correct version if they don't already have it

Steven (stevens-q) wrote :

Environment tested: Master
Browser tested: Chrome

Preconditions:
---------------------
1. User has npm event-stream@3.3.3 installed

Test Steps:
---------------------
1. Using the terminal enter the following -- npm install event-stream@3.3.3
2. Pull the patch and ensure make CSS has run
3. Using the terminal enter the following — npm list event-stream
4. Confirm the following is returned — event-stream@3.3.4

Catalyst Qa Approved ✔

Reviewed: https://reviews.mahara.org/9338
Committed: https://git.mahara.org/mahara/mahara/commit/3042084ac20eb85cc4e9578016ac775cca7beabe
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 3042084ac20eb85cc4e9578016ac775cca7beabe
Author: Robert Lyon <email address hidden>
Date: Wed Nov 28 07:39:26 2018 +1300

Bug 1805492: fixing event-stream to a safe version

behatnotneeded

Change-Id: I8334d8f95f1c218f1a264f01a4e62b3e8f3c7ea5
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/9349
Committed: https://git.mahara.org/mahara/mahara/commit/2a5964e7c966571ebb36592edf2a96a22ca4ccfb
Submitter: Robert Lyon (<email address hidden>)
Branch: 18.10_STABLE

commit 2a5964e7c966571ebb36592edf2a96a22ca4ccfb
Author: Robert Lyon <email address hidden>
Date: Wed Nov 28 07:39:26 2018 +1300

Bug 1805492: fixing event-stream to a safe version

behatnotneeded

Change-Id: I8334d8f95f1c218f1a264f01a4e62b3e8f3c7ea5
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 3042084ac20eb85cc4e9578016ac775cca7beabe)

Mahara Bot (dev-mahara) wrote :

Patch for "18.04_STABLE" branch: https://reviews.mahara.org/9479

Reviewed: https://reviews.mahara.org/9479
Committed: https://git.mahara.org/mahara/mahara/commit/7e4c8d8dac83affe0b8417006a688fcbeea8e349
Submitter: Robert Lyon (<email address hidden>)
Branch: 18.04_STABLE

commit 7e4c8d8dac83affe0b8417006a688fcbeea8e349
Author: Robert Lyon <email address hidden>
Date: Fri Jan 25 15:48:43 2019 +1300

Bug 1805492: fixing event-stream to a safe version

behatnotneeded

Change-Id: I8334d8f95f1c218f1a264f01a4e62b3e8f3c7ea5
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 3042084ac20eb85cc4e9578016ac775cca7beabe)

Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/9478
Committed: https://git.mahara.org/mahara/mahara/commit/f794dde5ca551ad06782f273d082c454fc419ce4
Submitter: Robert Lyon (<email address hidden>)
Branch: 17.10_STABLE

commit f794dde5ca551ad06782f273d082c454fc419ce4
Author: Robert Lyon <email address hidden>
Date: Fri Jan 25 15:48:43 2019 +1300

Bug 1805492: fixing event-stream to a safe version

behatnotneeded

Change-Id: I8334d8f95f1c218f1a264f01a4e62b3e8f3c7ea5
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 3042084ac20eb85cc4e9578016ac775cca7beabe)

To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers