cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Microsoft
Microsoft

Webpack in pcf-scripts out of date

Hello,

 

We have a high prioritiy security issue with the specified version of webpack (4.28.4) in the pcf-scripts npm package. Unfortunately it specifies exactly that version in package.json.

 

Is it ok to resolve to the latest webpack version or would this cause issues to pcf-scripts package?

2 REPLIES 2
Highlighted
Microsoft
Microsoft

Re: Webpack in pcf-scripts out of date

The soon-to-be-released March refresh for pcf-scripts (ETA mid next week) has already been updated to:

    "webpack": "4.42.1",

 

It got flagged by our internal compliance/security tracking as well.

To work around until then, yes, you should be able to locally resolve to the latest 4.42.1

Highlighted
Solution Sage
Solution Sage

Re: Webpack in pcf-scripts out of date

While we are in this area, my gitgub repository is complaining about a number of security vulnerabilities with some webpack dependencies (but not yet webpack itself).

 

Minimist - Upgrade minimist to version 1.2.3 or later. 

acorn - Upgrade acorn to version 5.7.4 or later

kind-of - Upgrade kind-of to version 6.0.3 or later

 

Will this next release resolve these complaints as well?

---
If this post has answered your question please consider it for "Accept as Solution" or if it has been helpful give it a "Thumbs Up".

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

Power Platform ISV Studio

Power Platform ISV Studio

ISV Studio is designed to become the go-to Power Platform destination for ISV’s to monitor & manage published applications.

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Tech Marathon

Maratón de Soluciones de Negocio Microsoft

Una semana de contenido con +100 sesiones educativas, consultorios, +10 workshops Premium, Hackaton, EXPO, Networking Hall y mucho más!

Users online (6,455)