arcus-smart-home / arcusweb Goto Github PK
View Code? Open in Web Editor NEWDoneJS Web Application for Arcus
License: Apache License 2.0
arcusweb's People
Contributors
Stargazers
Watchers
Forkers
nilsbohr dbadia maxisam jtstarr ogiewon ineczka alancnet theocdgeek dtbolt tookiewana hoger611 extremedie rboy1 e7ats iotts-jh lalooprasad mplegaspi flische kevintsang wl-net s0u1sb4n3 harwoodspike tsangb sebtardif toha916 codecanna birdslikewiresarcusweb's Issues
Attempts to upsell but pro monitoring availability code seems to be missing
When creating an account I'm prompted as to whether I want to signup for pro monitoring, but I can't opt out or dismiss the dialog since the backend code is missing
Address findings from npm audit
{
"actions": [
{
"isMajor": true,
"action": "install",
"resolves": [
{
"id": 146,
"path": "mocha>growl",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "mocha>debug",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "mocha",
"target": "6.2.0"
},
{
"isMajor": true,
"action": "install",
"resolves": [
{
"id": 577,
"path": "generator-donejs>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 612,
"path": "generator-donejs>yeoman-generator>mem-fs-editor>deep-extend",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 782,
"path": "generator-donejs>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>lodash",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "generator-donejs",
"target": "3.4.1"
},
{
"isMajor": true,
"action": "install",
"resolves": [
{
"id": 824,
"path": "puppeteer",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "puppeteer",
"target": "1.20.0"
},
{
"action": "update",
"resolves": [
{
"id": 535,
"path": "steal-less>less>mime",
"dev": true,
"optional": true,
"bundled": false
}
],
"module": "mime",
"target": "1.6.0",
"depth": 3
},
{
"action": "update",
"resolves": [
{
"id": 788,
"path": "eslint>js-yaml",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 813,
"path": "eslint>js-yaml",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "js-yaml",
"target": "3.13.1",
"depth": 2
},
{
"action": "update",
"resolves": [
{
"id": 796,
"path": "can-connect>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-map-backup>can-connect>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-fixture>can-connect>jquery",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-connect>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-map-backup>can-connect>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-fixture>can-connect>steal-stache>jquery",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-view-import>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "done-autorender>can-view-import>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "done-autorender>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-map-backup>can-fixture>can-connect>steal-stache>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "can-map-backup>can-jquery>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "semantic-ui-css>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "semantic-ui-dropdown-canjs>semantic-ui-css>jquery",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 796,
"path": "semantic-ui-dropdown-canjs>jquery",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "jquery",
"target": "3.4.1",
"depth": 5
},
{
"action": "update",
"resolves": [
{
"id": 880,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>miner>localtunnel>axios",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "localtunnel",
"target": "1.9.2",
"depth": 3
},
{
"action": "update",
"resolves": [
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>snapdragon>base>cache-base>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>braces>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>snapdragon>base>cache-base>set-value",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "set-value",
"target": "2.0.1",
"depth": 13
},
{
"action": "update",
"resolves": [
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "documentjs>chokidar>readdirp>micromatch>snapdragon>base>cache-base>union-value>set-value",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>readdirp>micromatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>globby>fast-glob>micromatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>braces>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1012,
"path": "steal-tools>chokidar>anymatch>micromatch>snapdragon>base>cache-base>union-value>set-value",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "union-value",
"target": "1.0.1",
"depth": 13
},
{
"action": "update",
"resolves": [
{
"id": 1013,
"path": "documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>mixin-deep",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>mixin-deep",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>mixin-deep",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "documentjs>chokidar>readdirp>micromatch>snapdragon>base>mixin-deep",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>readdirp>micromatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>globby>fast-glob>micromatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>braces>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1013,
"path": "steal-tools>chokidar>anymatch>micromatch>snapdragon>base>mixin-deep",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "mixin-deep",
"target": "1.3.2",
"depth": 12
},
{
"action": "update",
"resolves": [
{
"id": 1065,
"path": "lodash",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "donejs-cli>yeoman-environment>grouped-queue>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>yeoman-generator>yeoman-environment>grouped-queue>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>grouped-queue>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "donejs-cli>yeoman-environment>inquirer>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>yeoman-generator>yeoman-environment>inquirer>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "donejs-cli>yeoman-environment>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>yeoman-generator>yeoman-environment>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "eslint>inquirer>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "eslint>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "eslint>table>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "eslint-plugin-import>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>generator-license>yeoman-generator>async>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>generator-license>yeoman-generator>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>inquirer>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>generator-license>yeoman-generator>yeoman-environment>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>yeoman-generator>async>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "generator-donejs>yeoman-generator>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "remap-istanbul>istanbul>handlebars>async>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>handlebars>async>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "steal-tools>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "steal-tools>transpile>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-generator>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-traverse>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-traverse>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-generator>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-traverse>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-traverse>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-traverse>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-register>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>lodash",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>launchpad>async>lodash",
"dev": true,
"optional": false,
"bundled": false
}
],
"module": "lodash",
"target": "4.17.15",
"depth": 7
},
{
"action": "review",
"module": "uglify-js",
"resolves": [
{
"id": 39,
"path": "documentjs>handlebars>uglify-js",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 48,
"path": "documentjs>handlebars>uglify-js",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "handlebars",
"resolves": [
{
"id": 61,
"path": "documentjs>handlebars",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 755,
"path": "documentjs>handlebars",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 755,
"path": "remap-istanbul>istanbul>handlebars",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 755,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>handlebars",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "hawk",
"resolves": [
{
"id": 77,
"path": "documentjs>less>request>hawk",
"dev": false,
"bundled": false,
"optional": true
}
]
},
{
"action": "review",
"module": "minimatch",
"resolves": [
{
"id": 118,
"path": "documentjs>minimatch",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "growl",
"resolves": [
{
"id": 146,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>mocha>growl",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "request",
"resolves": [
{
"id": 309,
"path": "documentjs>documentjs-github-download>request",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 309,
"path": "documentjs>less>request",
"dev": false,
"optional": true,
"bundled": false
}
]
},
{
"action": "review",
"module": "parsejson",
"resolves": [
{
"id": 528,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>engine.io-client>parsejson",
"dev": true,
"bundled": false,
"optional": false
}
]
},
{
"action": "review",
"module": "debug",
"resolves": [
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>mocha>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>engine.io>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-adapter>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-adapter>socket.io-parser>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>socket.io-parser>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-parser>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>debug",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 534,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>engine.io-client>debug",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "mime",
"resolves": [
{
"id": 535,
"path": "documentjs>documentjs-github-download>request>form-data>mime",
"dev": false,
"optional": false,
"bundled": true
},
{
"id": 535,
"path": "documentjs>documentjs-github-download>request>mime",
"dev": false,
"optional": false,
"bundled": true
},
{
"id": 535,
"path": "documentjs>less>mime",
"dev": false,
"optional": true,
"bundled": false
},
{
"id": 535,
"path": "documentjs>less>request>form-data>mime",
"dev": false,
"optional": true,
"bundled": false
}
]
},
{
"action": "review",
"module": "hoek",
"resolves": [
{
"id": 566,
"path": "documentjs>less>request>hawk>boom>hoek",
"dev": false,
"bundled": false,
"optional": true
},
{
"id": 566,
"path": "documentjs>less>request>hawk>cryptiles>boom>hoek",
"dev": false,
"bundled": false,
"optional": true
},
{
"id": 566,
"path": "documentjs>less>request>hawk>hoek",
"dev": false,
"bundled": false,
"optional": true
},
{
"id": 566,
"path": "documentjs>less>request>hawk>sntp>hoek",
"dev": false,
"bundled": false,
"optional": true
}
]
},
{
"action": "review",
"module": "lodash",
"resolves": [
{
"id": 577,
"path": "documentjs>lodash",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 782,
"path": "documentjs>lodash",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "documentjs>lodash",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "83d87e5ada9fa856181c2b647b1b7dc3fde6d85269d655f51f1485014407307f>lodash",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1065,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>lodash",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "tunnel-agent",
"resolves": [
{
"id": 598,
"path": "documentjs>less>request>tunnel-agent",
"dev": false,
"optional": true,
"bundled": false
}
]
},
{
"action": "review",
"module": "clean-css",
"resolves": [
{
"id": 785,
"path": "documentjs>less>clean-css",
"dev": false,
"optional": true,
"bundled": false
}
]
},
{
"action": "review",
"module": "braces",
"resolves": [
{
"id": 786,
"path": "documentjs>chokidar>anymatch>micromatch>braces",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 786,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>test-exclude>micromatch>braces",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "js-yaml",
"resolves": [
{
"id": 788,
"path": "remap-istanbul>istanbul>js-yaml",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 788,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>js-yaml",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 813,
"path": "remap-istanbul>istanbul>js-yaml",
"dev": true,
"optional": false,
"bundled": false
},
{
"id": 813,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>js-yaml",
"dev": true,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "fstream",
"resolves": [
{
"id": 886,
"path": "9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>miner>browserstacktunnel-wrapper>unzip>fstream",
"dev": true,
"optional": false,
"bundled": false
}
]
}
],
"advisories": {
"39": {
"findings": [
{
"version": "1.2.6",
"paths": [
"documentjs>handlebars>uglify-js"
]
}
],
"id": 39,
"created": "2015-10-17T19:41:46.382Z",
"updated": "2019-06-14T23:28:21.694Z",
"deleted": null,
"title": "Incorrect Handling of Non-Boolean Comparisons During Minification",
"found_by": {
"name": "Tom MacWright"
},
"reported_by": {
"name": "Tom MacWright"
},
"module_name": "uglify-js",
"cves": [
"CVE-2015-8857"
],
"vulnerable_versions": "<= 2.4.23",
"patched_versions": ">= 2.4.24",
"overview": "Versions of `uglify-js` prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification.\n\n",
"recommendation": "Upgrade UglifyJS to version >= 2.4.24.",
"references": "- [Backdooring JS - Yan Zhu(@bcrypt)](https://zyan.scripts.mit.edu/blog/backdooring-js/)\n- [Issue #751](https://github.com/mishoo/UglifyJS2/issues/751)",
"access": "public",
"severity": "low",
"cwe": "CWE-95",
"metadata": {
"module_type": "Multi.Compiler",
"exploitability": 2,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/39"
},
"48": {
"findings": [
{
"version": "1.2.6",
"paths": [
"documentjs>handlebars>uglify-js"
]
}
],
"id": 48,
"created": "2015-10-24T17:58:34.232Z",
"updated": "2018-02-24T00:59:58.129Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Adam Baldwin"
},
"reported_by": {
"name": "Adam Baldwin"
},
"module_name": "uglify-js",
"cves": [
"CVE-2015-8858"
],
"vulnerable_versions": "<2.6.0",
"patched_versions": ">=2.6.0",
"overview": "Versions of `uglify-js` prior to 2.6.0 are affected by a regular expression denial of service vulnerability when malicious inputs are passed into the `parse()` method.\n\n\n### Proof of Concept\n\n```\nvar u = require('uglify-js');\nvar genstr = function (len, chr) {\n var result = \"\";\n for (i=0; i<=len; i++) {\n result = result + chr;\n }\n\n return result;\n}\n\nu.parse(\"var a = \" + genstr(process.argv[2], \"1\") + \".1ee7;\");\n```\n\n### Results\n```\n$ time node test.js 10000\nreal\t0m1.091s\nuser\t0m1.047s\nsys\t0m0.039s\n\n$ time node test.js 80000\nreal\t0m6.486s\nuser\t0m6.229s\nsys\t0m0.094s\n```",
"recommendation": "Update to version 2.6.0 or later.",
"references": "",
"access": "public",
"severity": "low",
"cwe": "CWE-400",
"metadata": {
"module_type": "CLI.Compiler",
"exploitability": 3,
"affected_components": "Internal::Code::Method::parse([*])"
},
"url": "https://npmjs.com/advisories/48"
},
"61": {
"findings": [
{
"version": "1.0.10",
"paths": [
"documentjs>handlebars"
]
}
],
"id": 61,
"created": "2015-12-14T16:51:56.173Z",
"updated": "2019-06-24T15:19:06.409Z",
"deleted": null,
"title": "Cross-Site Scripting",
"found_by": {
"name": "Matias P. Brutti"
},
"reported_by": {
"name": "Matias P. Brutti"
},
"module_name": "handlebars",
"cves": [
"CVE-2015-8861"
],
"vulnerable_versions": "<4.0.0",
"patched_versions": ">=4.0.0",
"overview": "Versions of `handlebars` prior to 4.0.0 are affected by a cross-site scripting vulnerability when attributes in handlebar templates are not quoted.\n\n\n## Proof of Concept\nTemplate:\n```<a href={{foo}}/>```\n\nInput:\n```{ 'foo' : 'test.com onload=alert(1)'}```\n\nRendered result:\n```<a href=test.com onload=alert(1)/>```",
"recommendation": "Update to version 4.0.0 or later.\nAlternatively, ensure that all attributes in handlebars templates are encapsulated with quotes.",
"references": "- [SourceClear - Handlebars Research Findings](https://blog.srcclr.com/handlebars_vulnerability_research_findings/)\n- [PR #1083](https://github.com/wycats/handlebars.js/pull/1083)",
"access": "public",
"severity": "high",
"cwe": "CWE-79",
"metadata": {
"module_type": "Network.Library",
"exploitability": 7,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/61"
},
"77": {
"findings": [
{
"version": "1.1.1",
"paths": [
"documentjs>less>request>hawk"
]
}
],
"id": 77,
"created": "2016-01-19T21:50:30.175Z",
"updated": "2018-02-26T22:47:26.285Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Adam Baldwin"
},
"reported_by": {
"name": "Adam Baldwin"
},
"module_name": "hawk",
"cves": [
"CVE-2016-2515"
],
"vulnerable_versions": "< 3.1.3 || >= 4.0.0 <4.1.1",
"patched_versions": ">=3.1.3 < 4.0.0 || >=4.1.1",
"overview": "Versions of `hawk` prior to 3.1.3, or 4.x prior to 4.1.1 are affected by a regular expression denial of service vulnerability related to excessively long headers and URI's.\n",
"recommendation": "Update to hawk version 4.1.1 or later.",
"references": "[Issue #168](https://github.com/hueniverse/hawk/issues/168)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-400",
"metadata": {
"module_type": "Network.Library",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/77"
},
"118": {
"findings": [
{
"version": "1.0.0",
"paths": [
"documentjs>minimatch"
]
}
],
"id": 118,
"created": "2016-05-25T16:37:20.000Z",
"updated": "2018-03-01T21:58:01.072Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Nick Starke"
},
"reported_by": {
"name": "Nick Starke"
},
"module_name": "minimatch",
"cves": [
"CVE-2016-10540"
],
"vulnerable_versions": "<=3.0.1",
"patched_versions": ">=3.0.2",
"overview": "Affected versions of `minimatch` are vulnerable to regular expression denial of service attacks when user input is passed into the `pattern` argument of `minimatch(path, pattern)`.\n\n\n## Proof of Concept\n```\nvar minimatch = require(“minimatch”);\n\n// utility function for generating long strings\nvar genstr = function (len, chr) {\n var result = “”;\n for (i=0; i<=len; i++) {\n result = result + chr;\n }\n return result;\n}\n\nvar exploit = “[!” + genstr(1000000, “\\\\”) + “A”;\n\n// minimatch exploit.\nconsole.log(“starting minimatch”);\nminimatch(“foo”, exploit);\nconsole.log(“finishing minimatch”);\n```",
"recommendation": "Update to version 3.0.2 or later.",
"references": "",
"access": "public",
"severity": "high",
"cwe": "CWE-400",
"metadata": {
"module_type": "Multi.Library",
"exploitability": 4,
"affected_components": "Internal::Code::Function::minimatch({type:'args', key:0, vector:{type:'string'}})"
},
"url": "https://npmjs.com/advisories/118"
},
"146": {
"findings": [
{
"version": "1.9.2",
"paths": [
"mocha>growl",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>mocha>growl"
]
}
],
"id": 146,
"created": "2016-09-06T12:49:40.000Z",
"updated": "2019-06-24T14:53:20.802Z",
"deleted": null,
"title": "Command Injection",
"found_by": {
"name": "Cristian-Alexandru Staicu"
},
"reported_by": {
"name": "Cristian-Alexandru Staicu"
},
"module_name": "growl",
"cves": [
"CVE-2017-16042"
],
"vulnerable_versions": "<1.10.2",
"patched_versions": ">=1.10.2",
"overview": "Affected versions of `growl` do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.",
"recommendation": "Update to version 1.10.2 or later.",
"references": "- [Issue #60](https://github.com/tj/node-growl/issues/60)\n- [PR #61](https://github.com/tj/node-growl/pull/61)",
"access": "public",
"severity": "critical",
"cwe": "CWE-94",
"metadata": {
"module_type": "CLI.Library",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/146"
},
"309": {
"findings": [
{
"version": "2.12.0",
"paths": [
"documentjs>documentjs-github-download>request"
]
},
{
"version": "2.40.0",
"paths": [
"documentjs>less>request"
]
}
],
"id": 309,
"created": "2017-02-01T23:21:46.000Z",
"updated": "2019-06-24T15:11:39.289Z",
"deleted": null,
"title": "Remote Memory Exposure",
"found_by": {
"name": "Feross Aboukhadijeh"
},
"reported_by": {
"name": "Feross Aboukhadijeh"
},
"module_name": "request",
"cves": [
"CVE-2017-16026"
],
"vulnerable_versions": ">=2.2.6 <2.47.0 || >2.51.0 <=2.67.0",
"patched_versions": ">=2.68.0",
"overview": "Affected versions of `request` will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of `body` is `number`, then a buffer of that size will be allocated and sent to the remote server as the body.\n\n## Proof of Concept\n\n```\nvar request = require('request');\nvar http = require('http');\n\nvar serveFunction = function (req, res){\n\treq.on('data', function (data) {\n console.log(data)\n });\n\tres.end();\n};\nvar server = http.createServer(serveFunction);\nserver.listen(8000);\n\nrequest({\n\tmethod: \"POST\",\n\turi: 'http://localhost:8000',\n\tmultipart: [{body:500}]\n},function(err,res,body){});\n```",
"recommendation": "Update to version 2.68.0 or later\n",
"references": "- [PR #2018](https://github.com/request/request/pull/2018)\n- [Issue #1904](https://github.com/request/request/issues/1904)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-201",
"metadata": {
"module_type": "Network.Library",
"exploitability": 2,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/309"
},
"528": {
"findings": [
{
"version": "0.0.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>engine.io-client>parsejson"
]
}
],
"id": 528,
"created": "2017-09-08T20:43:02.594Z",
"updated": "2018-04-09T00:18:57.149Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Cristian-Alexandru Staicu"
},
"reported_by": {
"name": "Cristian-Alexandru Staicu"
},
"module_name": "parsejson",
"cves": [
"CVE-2017-16113"
],
"vulnerable_versions": "<=0.0.3",
"patched_versions": "<0.0.0",
"overview": "Affected versions of `parsejson` are vulnerable to a regular expression denial of service when parsing untrusted user input.",
"recommendation": "The `parsejson` package has not been functionally updated since it was initially released.\n\nAdditionally, it provides functionality which is natively included in Node.js, and therefore the native `JSON.parse()` should be used, for both performance and security reasons.",
"references": "[Issue #4](https://github.com/get/parsejson/issues/4)",
"access": "public",
"severity": "high",
"cwe": "CWE-400",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/528"
},
"534": {
"findings": [
{
"version": "2.6.8",
"paths": [
"mocha>debug",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>mocha>debug"
]
},
{
"version": "2.3.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>debug"
]
},
{
"version": "2.3.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>engine.io>debug"
]
},
{
"version": "2.3.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-adapter>debug"
]
},
{
"version": "2.2.0",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-adapter>socket.io-parser>debug",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>socket.io-parser>debug",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-parser>debug"
]
},
{
"version": "2.3.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>debug"
]
},
{
"version": "2.3.3",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>feathers-socketio>socket.io>socket.io-client>engine.io-client>debug"
]
}
],
"id": 534,
"created": "2017-09-25T18:55:55.956Z",
"updated": "2018-05-16T19:37:43.686Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Cristian-Alexandru Staicu"
},
"reported_by": {
"name": "Cristian-Alexandru Staicu"
},
"module_name": "debug",
"cves": [
"CVE-2017-16137"
],
"vulnerable_versions": "<= 2.6.8 || >= 3.0.0 <= 3.0.1",
"patched_versions": ">= 2.6.9 < 3.0.0 || >= 3.1.0",
"overview": "Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.",
"recommendation": "Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n",
"references": "- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)",
"access": "public",
"severity": "low",
"cwe": "CWE-400",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/534"
},
"535": {
"findings": [
{
"version": "1.2.7",
"paths": [
"documentjs>documentjs-github-download>request>form-data>mime",
"documentjs>documentjs-github-download>request>mime"
]
},
{
"version": "1.2.11",
"paths": [
"documentjs>less>mime",
"documentjs>less>request>form-data>mime",
"steal-less>less>mime"
]
}
],
"id": 535,
"created": "2017-09-25T19:02:28.152Z",
"updated": "2018-04-09T00:38:22.785Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"name": "Cristian-Alexandru Staicu"
},
"reported_by": {
"name": "Cristian-Alexandru Staicu"
},
"module_name": "mime",
"cves": [
"CVE-2017-16138"
],
"vulnerable_versions": "< 1.4.1 || > 2.0.0 < 2.0.3",
"patched_versions": ">= 1.4.1 < 2.0.0 || >= 2.0.3",
"overview": "Affected versions of `mime` are vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.",
"recommendation": "Update to version 2.0.3 or later.",
"references": "[Issue #167](https://github.com/broofa/node-mime/issues/167)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-400",
"metadata": {
"module_type": "Multi.Library",
"exploitability": 4,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/535"
},
"566": {
"findings": [
{
"version": "0.9.1",
"paths": [
"documentjs>less>request>hawk>boom>hoek",
"documentjs>less>request>hawk>cryptiles>boom>hoek",
"documentjs>less>request>hawk>hoek",
"documentjs>less>request>hawk>sntp>hoek"
]
}
],
"id": 566,
"created": "2018-04-20T21:25:58.421Z",
"updated": "2019-06-19T20:16:59.758Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"name": "HoLyVieR"
},
"reported_by": {
"name": "HoLyVieR"
},
"module_name": "hoek",
"cves": [
"CVE-2018-3728"
],
"vulnerable_versions": "<= 4.2.0 || >= 5.0.0 < 5.0.3",
"patched_versions": "> 4.2.0 < 5.0.0 || >= 5.0.3",
"overview": "Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.",
"recommendation": "Update to version 4.2.1, 5.0.3 or later.",
"references": "- [HackerOne Report](https://hackerone.com/reports/310439)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/566"
},
"577": {
"findings": [
{
"version": "2.4.2",
"paths": [
"documentjs>lodash"
]
},
{
"version": "3.10.1",
"paths": [
"generator-donejs>lodash"
]
}
],
"id": 577,
"created": "2018-04-24T14:27:02.796Z",
"updated": "2018-04-24T14:27:13.049Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"name": "Olivier Arteau (HoLyVieR)"
},
"reported_by": {
"name": "Olivier Arteau (HoLyVieR)"
},
"module_name": "lodash",
"cves": [
"CVE-2018-3721"
],
"vulnerable_versions": "<4.17.5",
"patched_versions": ">=4.17.5",
"overview": "Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n",
"recommendation": "Update to version 4.17.5 or later.",
"references": "- [HackerOne Report](https://hackerone.com/reports/310443)",
"access": "public",
"severity": "low",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 1,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/577"
},
"598": {
"findings": [
{
"version": "0.4.3",
"paths": [
"documentjs>less>request>tunnel-agent"
]
}
],
"id": 598,
"created": "2018-04-24T20:30:16.099Z",
"updated": "2018-04-24T20:31:15.816Z",
"deleted": null,
"title": "Memory Exposure",
"found_by": {
"name": "Сковорода Никита Андреевич"
},
"reported_by": {
"name": "Сковорода Никита Андреевич"
},
"module_name": "tunnel-agent",
"cves": [],
"vulnerable_versions": "<0.6.0",
"patched_versions": ">=0.6.0",
"overview": "Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```",
"recommendation": "Update to version 0.6.0 or later.",
"references": "- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-20",
"metadata": {
"module_type": "",
"exploitability": 3,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/598"
},
"612": {
"findings": [
{
"version": "0.4.2",
"paths": [
"generator-donejs>yeoman-generator>mem-fs-editor>deep-extend"
]
}
],
"id": 612,
"created": "2018-04-24T23:13:13.134Z",
"updated": "2018-05-08T01:46:15.050Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"name": "Olivier Arteau (HoLyVieR)"
},
"reported_by": {
"name": "Olivier Arteau (HoLyVieR)"
},
"module_name": "deep-extend",
"cves": [],
"vulnerable_versions": "<=0.5.0",
"patched_versions": ">=0.5.1",
"overview": "Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.",
"recommendation": "Update to version 0.5.1 or later.",
"references": "- [HackerOne Report](https://hackerone.com/reports/311333)",
"access": "public",
"severity": "low",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 2,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/612"
},
"755": {
"findings": [
{
"version": "1.0.10",
"paths": [
"documentjs>handlebars"
]
},
{
"version": "4.1.0",
"paths": [
"remap-istanbul>istanbul>handlebars",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>handlebars"
]
}
],
"id": 755,
"created": "2018-12-28T20:34:57.708Z",
"updated": "2019-09-16T15:12:18.445Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "Mahmoud Gamal, Matías Lang",
"email": ""
},
"reported_by": {
"link": "",
"name": "Mahmoud Gamal, Matías Lang",
"email": ""
},
"module_name": "handlebars",
"cves": [],
"vulnerable_versions": "<=4.0.13 || >=4.1.0 <4.1.2",
"patched_versions": ">=4.0.14 <4.1.0 || >=4.1.2",
"overview": "Versions of `handlebars` prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects' prototype, thus allowing an attacker to execute arbitrary code on the server.",
"recommendation": "For handlebars 4.1.x upgrade to 4.1.2 or later.\nFor handlebars 4.0.x upgrade to 4.0.14 or later.",
"references": "",
"access": "public",
"severity": "critical",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 6,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/755"
},
"782": {
"findings": [
{
"version": "2.4.2",
"paths": [
"documentjs>lodash"
]
},
{
"version": "3.10.1",
"paths": [
"generator-donejs>lodash"
]
}
],
"id": 782,
"created": "2019-02-13T16:16:53.770Z",
"updated": "2019-06-27T14:01:44.172Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "asgerf"
},
"reported_by": {
"link": "",
"name": "asgerf"
},
"module_name": "lodash",
"cves": [
"CVE-2018-16487"
],
"vulnerable_versions": "<4.17.11",
"patched_versions": ">=4.17.11",
"overview": "Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.\n\n",
"recommendation": "Update to version 4.17.11 or later.",
"references": "- [HackerOne Report](https://hackerone.com/reports/380873)",
"access": "public",
"severity": "high",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 3,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/782"
},
"785": {
"findings": [
{
"version": "2.2.23",
"paths": [
"documentjs>less>clean-css"
]
}
],
"id": 785,
"created": "2019-02-15T21:40:03.940Z",
"updated": "2019-02-15T21:41:13.431Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"link": "https://github.com/davisjam",
"name": "Jamie Davis"
},
"reported_by": {
"link": "",
"name": "Santosh Rao"
},
"module_name": "clean-css",
"cves": [],
"vulnerable_versions": "<4.1.11",
"patched_versions": ">=4.1.11",
"overview": "Version of `clean-css` prior to 4.1.11 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.",
"recommendation": "Upgrade to version 4.1.11 or higher.",
"references": "- [GitHub Commit](https://github.com/jakubpawlowicz/clean-css/commit/2929bafbf8cdf7dccb24e0949c70833764fa87e3)",
"access": "public",
"severity": "low",
"cwe": "CWE-185",
"metadata": {
"module_type": "",
"exploitability": 4,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/785"
},
"786": {
"findings": [
{
"version": "1.8.5",
"paths": [
"documentjs>chokidar>anymatch>micromatch>braces",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>test-exclude>micromatch>braces"
]
}
],
"id": 786,
"created": "2019-02-15T21:44:30.680Z",
"updated": "2019-04-02T18:18:29.356Z",
"deleted": null,
"title": "Regular Expression Denial of Service",
"found_by": {
"link": "",
"name": "Santosh Rao"
},
"reported_by": {
"link": "",
"name": "Santosh Rao"
},
"module_name": "braces",
"cves": [],
"vulnerable_versions": "<2.3.1",
"patched_versions": ">=2.3.1",
"overview": "Versions of `braces` prior to 2.3.1 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.",
"recommendation": "Upgrade to version 2.3.1 or higher.",
"references": "- [GitHub Commit](https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451)",
"access": "public",
"severity": "low",
"cwe": "CWE-185",
"metadata": {
"module_type": "",
"exploitability": 4,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/786"
},
"788": {
"findings": [
{
"version": "3.12.1",
"paths": [
"eslint>js-yaml",
"remap-istanbul>istanbul>js-yaml",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>js-yaml"
]
}
],
"id": 788,
"created": "2019-03-18T21:29:08.514Z",
"updated": "2019-04-04T03:44:12.205Z",
"deleted": null,
"title": "Denial of Service",
"found_by": {
"link": "https://sites.google.com/site/jensdietrich/",
"name": "Shawn Rasheed, Jens DIetrich"
},
"reported_by": {
"link": "https://conf.researchr.org/profile/shawnrasheed",
"name": "Shawn Rasheed"
},
"module_name": "js-yaml",
"cves": [],
"vulnerable_versions": "<3.13.0",
"patched_versions": ">=3.13.0",
"overview": "Versions of `js-yaml` prior to 3.13.0 are vulnerable to Denial of Service. By parsing a carefully-crafted YAML file, the node process stalls and may exhaust system resources leading to a Denial of Service.",
"recommendation": "Upgrade to version 3.13.0.",
"references": "",
"access": "public",
"severity": "moderate",
"cwe": "CWE-400",
"metadata": {
"module_type": "",
"exploitability": 6,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/788"
},
"796": {
"findings": [
{
"version": "3.3.1",
"paths": [
"can-connect>jquery",
"can-map-backup>can-connect>jquery",
"can-fixture>can-connect>jquery",
"can-connect>steal-stache>jquery",
"can-map-backup>can-connect>steal-stache>jquery",
"can-fixture>can-connect>steal-stache>jquery",
"can-view-import>steal-stache>jquery",
"done-autorender>can-view-import>steal-stache>jquery",
"done-autorender>steal-stache>jquery",
"steal-stache>jquery",
"can-map-backup>can-fixture>can-connect>steal-stache>jquery",
"can-map-backup>can-jquery>jquery",
"jquery",
"semantic-ui-css>jquery",
"semantic-ui-dropdown-canjs>semantic-ui-css>jquery",
"semantic-ui-dropdown-canjs>jquery"
]
}
],
"id": 796,
"created": "2019-04-02T21:06:11.895Z",
"updated": "2019-04-23T14:29:39.788Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "asgerf"
},
"reported_by": {
"link": "",
"name": "asgerf"
},
"module_name": "jquery",
"cves": [
"CVE-2019-5428"
],
"vulnerable_versions": "<3.4.0",
"patched_versions": ">=3.4.0",
"overview": "Versions of `jquery` prior to 3.4.0 are vulnerable to Prototype Pollution. The extend() method allows an attacker to modify the prototype for `Object` causing changes in properties that will exist on all objects.",
"recommendation": "Upgrade to version 3.4.0 or later.",
"references": "- [HackerOne Report](https://hackerone.com/reports/454365)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 4,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/796"
},
"813": {
"findings": [
{
"version": "3.12.1",
"paths": [
"eslint>js-yaml",
"remap-istanbul>istanbul>js-yaml",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>js-yaml"
]
}
],
"id": 813,
"created": "2019-04-10T19:02:51.064Z",
"updated": "2019-04-15T21:29:06.670Z",
"deleted": null,
"title": "Code Injection",
"found_by": {
"link": "",
"name": "Alex Kocharin"
},
"reported_by": {
"link": "",
"name": "Alex Kocharin"
},
"module_name": "js-yaml",
"cves": [],
"vulnerable_versions": "<3.13.1",
"patched_versions": ">=3.13.1",
"overview": "Versions of `js-yaml` prior to 3.13.1 are vulnerable to Code Injection. The `load()` function may execute arbitrary code injected through a malicious YAML file. Objects that have `toString` as key, JavaScript code as value and are used as explicit mapping keys allow attackers to execute the supplied code through the `load()` function. The `safeLoad()` function is unaffected.\n\nAn example payload is \n`{ toString: !<tag:yaml.org,2002:js/function> 'function (){return Date.now()}' } : 1` \nwhich returns the object \n{\n \"1553107949161\": 1\n}",
"recommendation": "Upgrade to version 3.13.1.",
"references": "- [GitHub PR](https://github.com/nodeca/js-yaml/pull/480)",
"access": "public",
"severity": "high",
"cwe": "CWE-94",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/813"
},
"824": {
"findings": [
{
"version": "0.11.0",
"paths": [
"puppeteer"
]
}
],
"id": 824,
"created": "2019-04-19T21:33:38.879Z",
"updated": "2019-04-19T21:33:38.879Z",
"deleted": null,
"title": "Use-After-Free",
"found_by": {
"link": "",
"name": "Joel Griffith"
},
"reported_by": {
"link": "",
"name": "Joel Griffith"
},
"module_name": "puppeteer",
"cves": [
"CVE-2019-5786"
],
"vulnerable_versions": "<1.13.0",
"patched_versions": ">=1.13.0",
"overview": "Versions of `puppeteer` prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium (CVE-2019-5786). The Chromium FileReader API is vulnerable to Use-After-Free which may lead to Remote Code Execution.",
"recommendation": "Upgrade to version 1.13.0 or later.",
"references": "- [GitHub Issue](https://github.com/GoogleChrome/puppeteer/issues/4141)\n- [Snyk Report](https://snyk.io/vuln/SNYK-JS-PUPPETEER-174321)\n- [CVE-2019-5786 Analysis by Exodus Intelligence](https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation/)",
"access": "public",
"severity": "high",
"cwe": "CWE-416",
"metadata": {
"module_type": "",
"exploitability": 3,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/824"
},
"880": {
"findings": [
{
"version": "0.17.1",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>miner>localtunnel>axios"
]
}
],
"id": 880,
"created": "2019-05-06T19:14:45.155Z",
"updated": "2019-06-03T17:55:10.532Z",
"deleted": null,
"title": "Denial of Service",
"found_by": {
"link": "https://nornagon.net/",
"name": "Jeremy Apthorp"
},
"reported_by": {
"link": "https://nornagon.net/",
"name": "Jeremy Apthorp"
},
"module_name": "axios",
"cves": [],
"vulnerable_versions": "<0.18.1",
"patched_versions": ">=0.18.1",
"overview": "Versions of `axios` prior to 0.18.1 are vulnerable to Denial of Service. If a request exceeds the `maxContentLength` property, the package prints an error but does not stop the request. This may cause high CPU usage and lead to Denial of Service.",
"recommendation": "Upgrade to 0.18.1 or later.",
"references": "- [Github Issue](https://github.com/axios/axios/issues/1098)\n- [Snyk Report](https://snyk.io/vuln/SNYK-JS-AXIOS-174505)",
"access": "public",
"severity": "moderate",
"cwe": "CWE-400",
"metadata": {
"module_type": "",
"exploitability": 4,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/880"
},
"886": {
"findings": [
{
"version": "0.1.31",
"paths": [
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>miner>browserstacktunnel-wrapper>unzip>fstream"
]
}
],
"id": 886,
"created": "2019-05-15T14:22:26.820Z",
"updated": "2019-07-17T20:46:09.777Z",
"deleted": null,
"title": "Arbitrary File Overwrite",
"found_by": {
"link": "",
"name": "Max Justicz"
},
"reported_by": {
"link": "",
"name": "Max Justicz"
},
"module_name": "fstream",
"cves": [
"CVE-2019-13173"
],
"vulnerable_versions": "<1.0.12",
"patched_versions": ">=1.0.12",
"overview": "Versions of `fstream` prior to 1.0.12 are vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system and a file that matches the hardlink will overwrite the system's file with the contents of the extracted file. The `fstream.DirWriter()` function is vulnerable.",
"recommendation": "Upgrade to version 1.0.12 or later.",
"references": "- [GitHub Commit](https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22)",
"access": "public",
"severity": "high",
"cwe": "CWE-59",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/886"
},
"1012": {
"findings": [
{
"version": "2.0.0",
"paths": [
"documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>set-value",
"documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>set-value",
"documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>cache-base>set-value",
"documentjs>chokidar>readdirp>micromatch>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>readdirp>micromatch>snapdragon>base>cache-base>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>set-value",
"steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>set-value",
"steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>cache-base>set-value",
"steal-tools>globby>fast-glob>micromatch>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>braces>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>cache-base>set-value",
"steal-tools>chokidar>anymatch>micromatch>snapdragon>base>cache-base>set-value"
]
},
{
"version": "0.4.3",
"paths": [
"documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>cache-base>union-value>set-value",
"documentjs>chokidar>readdirp>micromatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>readdirp>micromatch>snapdragon>base>cache-base>union-value>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>globby>fast-glob>micromatch>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>braces>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>cache-base>union-value>set-value",
"steal-tools>chokidar>anymatch>micromatch>snapdragon>base>cache-base>union-value>set-value"
]
}
],
"id": 1012,
"created": "2019-06-20T14:35:11.974Z",
"updated": "2019-07-12T21:43:14.145Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "Jon Schlinkert"
},
"reported_by": {
"link": "",
"name": "Jon Schlinkert"
},
"module_name": "set-value",
"cves": [
"CVE-2019-10747"
],
"vulnerable_versions": "<2.0.1 || >=3.0.0 <3.0.1",
"patched_versions": ">=2.0.1 <3.0.0 || >=3.0.1",
"overview": "Versions of `set-value` prior to 3.0.1 or 2.0.1 are vulnerable to Prototype Pollution. The `set` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.\n\n",
"recommendation": "If you are using `set-value` 3.x, upgrade to version 3.0.1 or later.\nIf you are using `set-value` 2.x, upgrade to version 2.0.1 or later.\n",
"references": "- [Snyk Report](https://snyk.io/vuln/SNYK-JS-SETVALUE-450213)",
"access": "public",
"severity": "high",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/1012"
},
"1013": {
"findings": [
{
"version": "1.3.1",
"paths": [
"documentjs>chokidar>readdirp>micromatch>braces>snapdragon>base>mixin-deep",
"steal-tools>chokidar>readdirp>micromatch>braces>snapdragon>base>mixin-deep",
"documentjs>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"steal-tools>chokidar>readdirp>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"documentjs>chokidar>readdirp>micromatch>extglob>snapdragon>base>mixin-deep",
"steal-tools>chokidar>readdirp>micromatch>extglob>snapdragon>base>mixin-deep",
"documentjs>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>mixin-deep",
"steal-tools>chokidar>readdirp>micromatch>nanomatch>snapdragon>base>mixin-deep",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>nanomatch>snapdragon>base>mixin-deep",
"steal-tools>globby>fast-glob>micromatch>nanomatch>snapdragon>base>mixin-deep",
"steal-tools>chokidar>anymatch>micromatch>nanomatch>snapdragon>base>mixin-deep",
"documentjs>chokidar>readdirp>micromatch>snapdragon>base>mixin-deep",
"steal-tools>chokidar>readdirp>micromatch>snapdragon>base>mixin-deep",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>braces>snapdragon>base>mixin-deep",
"steal-tools>globby>fast-glob>micromatch>braces>snapdragon>base>mixin-deep",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"steal-tools>globby>fast-glob>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>extglob>snapdragon>base>mixin-deep",
"steal-tools>globby>fast-glob>micromatch>extglob>snapdragon>base>mixin-deep",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>globby>fast-glob>micromatch>snapdragon>base>mixin-deep",
"steal-tools>globby>fast-glob>micromatch>snapdragon>base>mixin-deep",
"steal-tools>chokidar>anymatch>micromatch>braces>snapdragon>base>mixin-deep",
"steal-tools>chokidar>braces>snapdragon>base>mixin-deep",
"steal-tools>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>base>mixin-deep",
"steal-tools>chokidar>anymatch>micromatch>extglob>snapdragon>base>mixin-deep",
"steal-tools>chokidar>anymatch>micromatch>snapdragon>base>mixin-deep"
]
}
],
"id": 1013,
"created": "2019-06-20T14:51:39.425Z",
"updated": "2019-07-12T18:53:21.152Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "Snyk Security Team"
},
"reported_by": {
"link": "",
"name": "Snyk Security Team"
},
"module_name": "mixin-deep",
"cves": [
"CVE-2019-10746"
],
"vulnerable_versions": "<1.3.2 || >=2.0.0 <2.0.1",
"patched_versions": ">=1.3.2 <2.0.0 || >=2.0.1",
"overview": "Versions of `mixin-deep` prior to 2.0.1 or 1.3.2 are vulnerable to Prototype Pollution. The `mixinDeep` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.\n\n",
"recommendation": "If you are using `mixin-deep` 2.x, upgrade to version 2.0.1 or later.\nIf you are using `mixin-deep` 1.x, upgrade to version 1.3.2 or later.",
"references": "- [Snyk Report](https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212)",
"access": "public",
"severity": "high",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 5,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/1013"
},
"1065": {
"findings": [
{
"version": "2.4.2",
"paths": [
"documentjs>lodash"
]
},
{
"version": "4.17.11",
"paths": [
"lodash",
"donejs-cli>yeoman-environment>grouped-queue>lodash",
"generator-donejs>yeoman-generator>yeoman-environment>grouped-queue>lodash",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>grouped-queue>lodash",
"donejs-cli>yeoman-environment>inquirer>lodash",
"generator-donejs>yeoman-generator>yeoman-environment>inquirer>lodash",
"donejs-cli>yeoman-environment>lodash",
"generator-donejs>yeoman-generator>yeoman-environment>lodash",
"eslint>inquirer>lodash",
"eslint>lodash",
"eslint>table>lodash",
"eslint-plugin-import>lodash",
"generator-donejs>generator-license>yeoman-generator>async>lodash",
"generator-donejs>generator-license>yeoman-generator>lodash",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>inquirer>lodash",
"generator-donejs>generator-license>yeoman-generator>yeoman-environment>lodash",
"generator-donejs>yeoman-generator>async>lodash",
"generator-donejs>yeoman-generator>lodash",
"remap-istanbul>istanbul>handlebars>async>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>istanbul>handlebars>async>lodash",
"steal-tools>lodash",
"steal-tools>transpile>lodash",
"83d87e5ada9fa856181c2b647b1b7dc3fde6d85269d655f51f1485014407307f>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-generator>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-traverse>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-traverse>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-generator>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>babel-traverse>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>babel-traverse>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-traverse>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-helpers>babel-template>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-template>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>babel-register>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>babel-core>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>launchpad>async>lodash",
"9aa5cb393389cc5eac43534f005c27db16074da7ab8315cc00d6be5c64ef547f>lodash"
]
},
{
"version": "3.10.1",
"paths": [
"generator-donejs>lodash"
]
}
],
"id": 1065,
"created": "2019-07-15T17:22:56.990Z",
"updated": "2019-07-15T17:25:05.721Z",
"deleted": null,
"title": "Prototype Pollution",
"found_by": {
"link": "",
"name": "Snyk Security Team"
},
"reported_by": {
"link": "",
"name": "Snyk Security Team"
},
"module_name": "lodash",
"cves": [
"CVE-2019-10744"
],
"vulnerable_versions": "<4.17.12",
"patched_versions": ">=4.17.12",
"overview": "Versions of `lodash` before 4.17.12 are vulnerable to Prototype Pollution. The function `defaultsDeep` allows a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.\n\n",
"recommendation": "Update to version 4.17.12 or later.",
"references": "- [Snyk Advisory](https://snyk.io/vuln/SNYK-JS-LODASH-450202)",
"access": "public",
"severity": "high",
"cwe": "CWE-471",
"metadata": {
"module_type": "",
"exploitability": 3,
"affected_components": ""
},
"url": "https://npmjs.com/advisories/1065"
}
},
"muted": [],
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 18,
"moderate": 33,
"high": 139,
"critical": 5
},
"dependencies": 165318,
"devDependencies": 16539,
"optionalDependencies": 318,
"totalDependencies": 181993
},
"runId": "14fe2942-b028-4b7c-8ecb-276ed6088cc0"
}
Cannot read from i2web repo
Hello! It's awesome that you have continued with this project.
I am trying to get an instance of arcusweb running with the instructions you wrote in the readme file, but haven't been able to do it yet.
Even though I configured the ssh keys of my bitbucket account correctly, npm is not able to clone the repository i2web-devtools. Is that repository private by any chance?
Just letting you know of this problem, maybe you missed opening i2web to the public when uploading the whole Arcus project. If this is not the case, is it still possible for anybody to install arcusweb? how?
Thanks in advance.
Create cache busting strategy
Add a mechanism to support cachebusting, as the current resources (javascript, images, etc) are cached for a long time (1 month to 1 year)
Allow thermostat fan mode to be controlled
A number of thermostats allow the fan to be controlled independently of the HVAC mode, so that you can use the fan to circulate air without a call for heat or cooling. This is supported in Arcus, but the UI doesn't expose it.
Uncheck "Keep me up-to-date on Arcus related news, offers, and promotions." by default
There's no news, offers or promotions to send, so this can be left unchecked, especially for the open source / self-host version
Quickstart guide
Write a quickstart guide for arcusweb. I had to make a few changes to the code to get it up and running
wlnet@wlnet-iot:~/arcusweb$ git status
On branch master
Your branch is up to date with 'origin/master'.
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)
modified: bin/server.js
modified: config/server.json
modified: src/pages/create-account/steps/zip-code/zip-code.js
modified: src/pages/promonitoring/promonitoring.js
Untracked files:
(use "git add <file>..." to include in what will be committed)
build/
config/ssl/
node_modules/
no changes added to commit (use "git add" and/or "git commit -a")
wlnet@wlnet-iot:~/arcusweb$ git diff bin/server.js
diff --git a/bin/server.js b/bin/server.js
index 6cbb306..3125bba 100644
--- a/bin/server.js
+++ b/bin/server.js
@@ -89,7 +89,10 @@ if (nconf.get('NODE_ENV') === 'production') {
const server = https.createServer({
requestCert: true,
- rejectUnauthorized: false
+ rejectUnauthorized: false,
+ key: fs.readFileSync('/home/wlnet/arcusweb/config/ssl/server.key'),
+ cert: fs.readFileSync('/home/wlnet/arcusweb/config/ssl/server.crt')
+
}, app).listen(port);
server.on('error', (e) => {
wlnet@wlnet-iot:~/arcusweb$ git diff config/server.json
diff --git a/config/server.json b/config/server.json
index 10b28fd..5dd2689 100644
--- a/config/server.json
+++ b/config/server.json
@@ -1,4 +1,5 @@
{
- "apiUrl": "https://testingurl.replaceme.com",
- "wsUrl": "wss://testingurl.replaceme.com"
-}
\ No newline at end of file
+ "redirectUrl": "https://example.com",
+ "wsUrl": "wss://example.com"
+
+}
wlnet@wlnet-iot:~/arcusweb$ git dif src/pages/create-account/steps/zip-code/zip-code.js
git: 'dif' is not a git command. See 'git --help'.
The most similar commands are
diff
config
difftool
init
wlnet@wlnet-iot:~/arcusweb$ git diff src/pages/create-account/steps/zip-code/zip-code.js
diff --git a/src/pages/create-account/steps/zip-code/zip-code.js b/src/pages/create-account/steps/zip-code/zip-code.js
index baf77f8..29799f4 100644
--- a/src/pages/create-account/steps/zip-code/zip-code.js
+++ b/src/pages/create-account/steps/zip-code/zip-code.js
@@ -62,6 +62,7 @@ export const ViewModel = StepViewModel.extend({
const place = this.attr('place');
// If we are auto-selecting Basic for them, we can skip zip code entry and
// bypass to the address entry screen
+ return true;
const preferredPlan = this.attr('place.base:tags')
.filter(i => i.includes('PREF_PLAN:'));
return (place.attr('place:state') && place.attr('place:zipCode'))
wlnet@wlnet-iot:~/arcusweb$ git diff src/pages/promonitoring/promonitoring.js
diff --git a/src/pages/promonitoring/promonitoring.js b/src/pages/promonitoring/promonitoring.js
index 364375d..6c7cf94 100644
--- a/src/pages/promonitoring/promonitoring.js
+++ b/src/pages/promonitoring/promonitoring.js
@@ -62,8 +62,8 @@ export const ViewModel = canMap.extend({
ProMonitoringService.GetSettings(place.GetDestination()).then(({ settings }) => {
this.attr('promonitoringSettings', settings);
if (settings) {
- const isPromon = this.attr('place.isPromon');
- const isTrial = this.attr('promonitoringSettings').attr('promon:trial');
+ const isPromon = true; // this.attr('place.isPromon');
+ const isTrial = false; // this.attr('promonitoringSettings').attr('promon:trial');
if (!isPromon && !isTrial) {
this.attr('promonitoringSettings').CheckAvailability().then(({ available }) => {
if (available !== 'FULL') {
wlnet@wlnet-iot:~/arcusweb$
and then start it with npm run start
I'll include details about how to setup nginx
Page doesn't load on Firefox 66
After logging in, I get taken to a page with only a menu at the top, and see a javascript error in the console:
"ERROR: Invalid object"
I'm not too sure what's going on since my javascript debugging skills are pretty limited, but an FYI to try another browser if you see an error...
brand.svg missing
The "add device" page is missing the brand assets (brand.svg), so all the device pictures are missing. I assume this was part of another lowe's website and thus wasn't included.
Fix build warnings
OPENING: package.json!npm
OPENING: [email protected]#pages/create-account/create-account
WARN: unexpected closing tag </div>
WARN: unexpected closing tag </div> expected </p>
OPENING: [email protected]#pages/invite/invite
OPENING: [email protected]#pages/login/login
OPENING: [email protected]#pages/home/home
WARN: expected closing tag </div>
OPENING: [email protected]#pages/history/history
OPENING: [email protected]#pages/scenes/scenes
OPENING: [email protected]#pages/rules/rules
OPENING: [email protected]#pages/devices/devices
OPENING: [email protected]#pages/settings/service-plan/service-plan
WARN: unexpected closing tag </div> expected </p>
OPENING: [email protected]#pages/settings/settings
WARN: unexpected closing tag </div> expected </p>
OPENING: [email protected]#pages/services/services
WARN: unexpected closing tag </h2> expected </div>
OPENING: [email protected]#pages/promonitoring/promonitoring
OPENING: [email protected]#pages/pairing/pairing
WARN: expected closing tag </div>
OPENING: [email protected]#pages/hub-setup/hub-setup
OPENING: [email protected]#pages/product-catalog/product-catalog
WARN: unexpected closing tag </div>
OPENING: [email protected]#pages/kit-activate/kit-activate
OPENING: [email protected]#pages/preferences/preferences
OPENING: [email protected]#pages/[email protected]#component
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.