Uploaded image for project: 'Couchbase node.js Client Library'
  1. Couchbase node.js Client Library
  2. JSCBC-1128

VULN: Research and update Black Duck scans to not pick up dev dependencies

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Major
    • None
    • None
    • None
    • None
    • 0

    Description

      The Black Duck scans are picking up dev dependencies for both Node.js and Ottoman SDKs.

      Tasks:

      • Figure out why dev dependencies are being picked up
      • Figure out what to do about deeply nested dependencies
      • See about fixing the behavior and preventing it in the future
      • Fix/close current VULN tickets

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            jared.casey Jared Casey
            jared.casey Jared Casey
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty