Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-23881

Remove dependency on marked.js 0.3.2 in Ambari Web

    XMLWordPrintableJSON

Details

    Description

      Remove dependency on marked.js 0.3.2 in Ambari Web due to security concerns. See 

      [root@host ~]# ambari-server --version
2.7.0.0-519

      [root@host ~]# find /usr/lib -name marked.js
/usr/lib/ambari-server/web/api-docs/lib/marked.js

      Recommendation is to remove the dependency or upgrade to version 0.3.2-1 or the latest version, if possible.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1306

          Activity

            People

              ababiichuk Andriy Babiichuk
              ababiichuk Andriy Babiichuk
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h