Replace or modernize jenkins-cd/js-test

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      The Jenkins JS Test package (GitHub, NPM) is consumed by Jenkins core but hasn't been touched in 6 years. Many of its dependencies are outdated and have security vulnerabilities. We should consider either replacing this library or modernizing it and cutting a new release, then updating to that release in Jenkins core.

      gulp-util@npm:3.0.8 is deprecated: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ gulp-jasmine@npm:2.4.2 (via npm:^2.0.1)
         └─ gulp-util@npm:3.0.8 (via npm:^3.0.0)

har-validator@npm:5.1.3 is deprecated: this library is no longer supported
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ jsdom@npm:5.6.1 (via npm:^5.6.1)
         └─ request@npm:2.88.2 (via npm:^2.55.0)
            └─ har-validator@npm:5.1.5 (via npm:~5.1.3)

request@npm:2.88.2 is deprecated: request has been deprecated, see https://github.com/request/request/issues/3142
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ jsdom@npm:5.6.1 (via npm:^5.6.1)
         └─ request@npm:2.88.2 (via npm:^2.55.0)

tough-cookie@npm:1.2.0 is deprecated: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ jsdom@npm:5.6.1 (via npm:^5.6.1)
         ├─ request@npm:2.88.2 (via npm:^2.55.0)
         │  └─ tough-cookie@npm:2.5.0 (via npm:~2.5.0)
         └─ tough-cookie@npm:1.2.0 (via npm:^1.1.0)

uuid@npm:3.4.0 is deprecated: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ jsdom@npm:5.6.1 (via npm:^5.6.1)
         └─ request@npm:2.88.2 (via npm:^2.55.0)
            └─ uuid@npm:3.4.0 (via npm:^3.3.2)

xmldom@npm:0.1.31 is deprecated: Deprecated due to CVE-2021-21366 resolved in 0.5.0
   └─ @jenkins-cd/js-test@npm:1.2.3 [f7924] (via npm:1.2.3 [f7924])
      └─ jasmine-reporters@npm:2.3.2 (via npm:^2.0.6)
         └─ xmldom@npm:0.1.31 (via npm:^0.1.22)

            Assignee:
            Basil Crow
            Reporter:
            Basil Crow
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: