Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Welcome to the CollectiveAccess support forum! Here the developers and community answer questions related to use of the software. Please include the following information in every new issue posted here:

  1. Version of the software that is used, along with browser and version

  2. If the issue pertains to Providence, Pawtucket or both

  3. What steps you’ve taken to try to resolve the issue

  4. Screenshots demonstrating the issue

  5. The relevant sections of your installation profile or configuration including the codes and settings defined for your local elements.


If your question pertains to data import or export, please also include:

  1. Data sample

  2. Your mapping


Answers may be delayed for posts that do not include sufficient information.

Github security vulnerability warning for Pawtucket

Hi,

Github is sending us security vulnerabilities warning (We found potential security vulnerabilities in your dependencies.) for our two Pawtucket repositories. In both cases it is about "assets/pawtucket/css/Font-Awesome/Gemfile.lock" gem file. In one case it is in an existing Pawtucket theme (chhe), which we can remove to get rid of this warning. However, in other case it is part of our own custom theme. We can remove Gemfile.lock, but will it create any problem in Pawtucket working correctly?

https://github.com/libis/pa_cct/blob/e2e73a6a43847eeebf6a06288ffb316c25d580e2/themes/cct/assets/pawtucket/css/Font-Awesome/Gemfile.lock
https://github.com/libis/pa_mjb/blob/8d155ad010f2d1af1da566f9a33f69e7c1d502d8/themes/chhe/assets/pawtucket/css/Font-Awesome/Gemfile.lock

Thanks.



Comments

  • It won't cause a problem. It's an artifact from the Font-Awesome distribution that is from Ruby. It has no function in PHP or in CA.
  • Thanks, Gemfile.lock file removed and warning disappeared.
Sign In or Register to comment.