-
yarn audit v1.22.5
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Server-Side Request Forgery │
├───────────────…
-
In the current version of Passport, Cryptiles version 0.2.2 is used. This version of Cryptiles contains a security issue mentioned here:
https://github.com/hapijs/cryptiles/issues/34
In my project…
-
Results of `yarn audit`:
```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate │ Cross-Site Scripting │
├──…
-
```
warning svg-transform-loader > svg-mixer-utils > anymatch > micromatch > snapdragon > source-map-resolve > resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
warning svg-trans…
-
This is not AFAIK an actual security vulnerability, but this package bundles a package that has a security vulnerability. My company tries to maintain a baseline of 0 'critical' vulnerabilities as lab…
-
```
# npm audit report
marked
-
corepack supports downloading the package managers from a source that is not npm. I think this is a significant security risk for our users and we should only download them from npm (or another 3rd pa…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### This issue exists in the latest npm version
- [X] I am using the latest npm
### Current Behavior
W…
-
This issue aims to enhance the security of the CasperDash Wallet extension by implementing several improvements. The following changes are proposed:
- [x] 1. **Hide/Show Copy Recovery Phrase:** Cur…
-
溜まってしまって良くないので。