-
Ours is a mono repo project. I have a few questions:
1. For a mono repo, should we run the dependency check separately on all the projects and not the main package.json?
2. When I am running the bat command…
-
Before, I ran `yarn audit` and I got this result:
> 268 vulnerabilities found - Packages audited: 855
Severity: 41 Low | 83 Moderate | 110 High | 34 Critical
Done in 8.17s.
So, it's necessary to update …
-
### Issue description
Hi, in my project I use serverless@3.38.0.
I run `yarn audit` and I find this potential vulnerability in the module TAR. It is used in serverless@3.38.0.
Can I fix it?
### Context
…
savez updated
6 months ago
-
% yarn audit
```
yarn audit v1.22.19
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate │ tough-cookie Prototype Pollution vulnerability …
```
-
[NSP](https://www.npmjs.com/package/nsp) is a node/npm package security monitoring service that allows for checking a package.json or lock file against known security risks. As the jupyterlab extensio…
-
After the development CLI living in the wild, it seems like there is some onboarding roughness.
* Varied methods of use originally unintended (yarn link to make the jetpack cli accessible anywhere, u…
-
As the title says, we have some vulnerabilities in the dependencies. I have yet to be able to fix these vulnerabilities. Could you please help us?
1. Fork this repository
2. Pull source code into your …
-
### Summary
`npm|yarn audit` reports that there is a [High vulnerability](https://www.npmjs.com/advisories/1070480) present in the version of `dicer` used by `@expo/multipart-body-parser`. This packag…
-
Evaluate the usage of https://snyk.io/
We already use GitHub Security Alerts, but the more the merrier :-)
-
Should set up some kind of auditing mechanism to know when a project's NPM dependencies have vulnerabilities.
This ideally should _not_ block regular builds, but should be run regularly and should …