Bug 208768

Summary: [PATCH] www/npm2: update to 2.15.3
Product: Ports & Packages Reporter: Bradley T. Hughes <bhughes>
Component: Individual Port(s)Assignee: Po-Chuan Hsieh <sunpoet>
Status: Closed Overcome By Events    
Severity: Affects Many People Keywords: patch
Priority: --- Flags: bugzilla: maintainer-feedback? (sunpoet)
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch from a git commit, apply with patch -p1
none
poudriere testport log none

Description Bradley T. Hughes freebsd_committer freebsd_triage 2016-04-13 09:19:46 UTC 
Created attachment 169279 [details]
patch from a git commit, apply with patch -p1

Update to the latest upstream LTS release to fix the recently announced bearer token vulnerability:
    
http://blog.npmjs.org/post/142036323955/fixing-a-bearer-token-vulnerability
Comment 1 Bradley T. Hughes freebsd_committer freebsd_triage 2016-04-13 09:20:28 UTC 
Created attachment 169280 [details]
poudriere testport log
Comment 2 Bradley T. Hughes freebsd_committer freebsd_triage 2016-04-13 09:21:48 UTC 
I generated a new distfile using `make maketar`, but I can't upload it due to attachment size limitations. The distfile can be generated after applying the patch using the same command.
Comment 3 Bradley T. Hughes freebsd_committer freebsd_triage 2016-07-07 06:19:45 UTC 
Port has already been updated.