-
(Very nice package, much more useful in CI!)
The same vulnerability is reported, it seems, as many times as there are modules that depend on the vulnerable package:
```
Improved Yarn Audit - v2…
-
in freebsd 14.0 only has electron25-25.9.7.
```
root@F3ja:/usr/home/luba # pkg install electron27
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories a…
-
Hi,
Currently in yarn audit, there is the possibility to specify a group name (dependencies, devDependencies) to check only the dependencies on this group. Would it be possible to add that possibil…
-
Before the release is ready to be cut, *all* known security issues raised by `yarn audit` must be resolved unless otherwise exempted. This does not include devDependencies issues unless there is a li…
-
## What's going wrong?
- Security vulneriabilty on the dependency (axios)
## How could we reproduce this issue?
* CVE-2020-28168 - Medium Severity Vulnerability
## Supporting information
…
-
**Is your feature request related to a problem? Please describe.**
In our project we are using the frontend-maven-plugin and would like to let Dependency-Check perform the audit of the frontend lib…
-
### Describe the bug?
The package `jsonpath-plus` has a security vulnerability reported
https://github.com/advisories/GHSA-pppg-cpfq-h7wr
This package is included transitively in this package thr…
-
### Bug description
Lately, I've been noticing that `yarn audit` fails quite often with a 503 error code from the upstream server. It seems to be random: running the command over and over sometimes w…
-
### Context
Thank you @quentinderoubaix for raising the points.
### Proposal
- [x] Jest is broken without manual changes (`npm run test -w webapp` fails)
Tracked via #1606
- [x] `angular.j…
-
Hello was trying to resolve a `yarn audit` issue tied to this library. I see the fix was introduced in the [latest commit](https://github.com/MetaMask/jazzicon/pull/6) but I don't think it was ever pu…