Skip to content

[master] Fix npm audit#2589

Open
nextcloud-command wants to merge 1 commit into
masterfrom
automated/noid/master-fix-npm-audit
Open

[master] Fix npm audit#2589
nextcloud-command wants to merge 1 commit into
masterfrom
automated/noid/master-fix-npm-audit

Conversation

@nextcloud-command
Copy link
Copy Markdown
Contributor

@nextcloud-command nextcloud-command commented May 10, 2026
edited
Loading

Audit report

No fixable problems found (7 unfixable, 2 only fixable manually using --force)

Full npm audit report

# npm audit report

elliptic  *
Elliptic Uses a Cryptographic Primitive with a Risky Implementation - https://github.com/advisories/GHSA-848j-6mx2-7j84
No fix available
node_modules/elliptic
  browserify-sign  >=2.4.0
  Depends on vulnerable versions of elliptic
  node_modules/browserify-sign
    crypto-browserify  >=3.4.0
    Depends on vulnerable versions of browserify-sign
    Depends on vulnerable versions of create-ecdh
    node_modules/crypto-browserify
      node-stdlib-browser  *
      Depends on vulnerable versions of crypto-browserify
      node_modules/node-stdlib-browser
        vite-plugin-node-polyfills  >=0.3.0
        Depends on vulnerable versions of node-stdlib-browser
        node_modules/vite-plugin-node-polyfills
          @nextcloud/vite-config  *
          Depends on vulnerable versions of vite-plugin-node-polyfills
          node_modules/@nextcloud/vite-config
  create-ecdh  *
  Depends on vulnerable versions of elliptic
  node_modules/create-ecdh

7 low severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Node.js: v24.15.0 | npm: 11.14.1 | Branch: master

@nextcloud-command nextcloud-command added 3. to review dependencies Pull requests that update a dependency file labels May 10, 2026
@cypress
Copy link
Copy Markdown

cypress Bot commented May 10, 2026
edited
Loading

Activity    Run #3764

Run Properties:  status check failed Failed #3764  •  git commit 97401bc0a2: [master] Fix npm audit
Project Activity
Branch Review automated/noid/master-fix-npm-audit
Run status status check failed Failed #3764
Run duration 02m 00s
Commit git commit 97401bc0a2: [master] Fix npm audit
Committer Nextcloud Command Bot
View all properties for this run ↗︎
Test results
Tests that failed  Failures 1
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 1
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 8
View all changes introduced in this branch ↗︎

Tests for review

Failed  cypress/e2e/settings.cy.ts • 1 failed test • Run E2E

View Output

Test Artifacts
Check that user's settings survive a reload > Form survive a reload Test Replay Screenshots

@nextcloud-command
fix(deps): Fix npm audit
528f0ae 
Signed-off-by: GitHub <noreply@github.com>
@nextcloud-command nextcloud-command force-pushed the automated/noid/master-fix-npm-audit branch from a84ba1e to 528f0ae Compare May 17, 2026 04:16
@codecov
Copy link
Copy Markdown

codecov Bot commented May 17, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

3. to review dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nextcloud-command