Set vulnerability location to package.json (!30) · Merge requests · GitLab.org / security-products / Tests / js-yarn

Fabien Catteau requested to merge ds-location-package.json into master Jan 09, 2020

Set location.file key of the vulnerabilities to package.json. The location was previously set to node_modules, even though this directory does not belong to the project repository.

The order of the vulnerabilities changes as a side-effect of updating the locations.

This is needed for gitlab-org/security-products/analyzers/retire.js!24 (merged) (bug fix).

See gitlab-org/gitlab#13827 (closed)

Edited Apr 21, 2023 by 🤖 GitLab Bot 🤖

Set vulnerability location to package.json

Merge request reports