-
When we install pm2, it also installs a 5-level dependency "monorepo-symlink-test" which is known as malicious.
steps:
install pm2 globally
use any sca scanner in project directory or
check /us…
-
## The dependency [snyk](https://github.com/snyk/snyk) was updated from `1.130.0` to `1.131.0`.
🚨 [View failing branch](https://github.com/rkazakov/postxml-amp/compare/master...rkazakov:greenkeeper%…
-
The current `public.ecr.aws/lambda/python:3.12` image includes a number of 'high' vulnerabilities as reported by Snyk:
https://security.snyk.io/vuln/SNYK-AMZN2023-LIBNGHTTP2-6729276
https://secu…
-
Hello,
Is there a workaround for this? It makes it unusable for our project as Rekit-Core currently includes "decompress" NPM package with a high severity vulnerability.
=== npm audit security …
-
## The dependency [snyk](https://github.com/snyk/snyk) was updated from `1.239.3` to `1.239.4`.
🚨 [View failing branch](https://github.com/jy95/P4ng-client/compare/master...jy95:greenkeeper%2Fsnyk-1…
-
- [ ] Come up with 5 most important tests to have in system by Tue EOD
- [ ] Reasoning why you are picking these 5 by Tue EOD
- [ ] Implementation of these 5 actions by Wed EOD
-
## The dependency [snyk](https://github.com/snyk/snyk) was updated from `1.170.0` to `1.171.0`.
🚨 [View failing branch](https://github.com/cdunnnnnnn/learn-slovak/compare/master...cdunnnnnnn:greenke…
-
### Package URL
pkg:maven/xerces/xercesImpl@2.12.2
### CPE
`cpe:2.3:a:apache:xerces-j:2.12.2:*:*:*:*:*:*:*`
### CVE
CVE-2017-10355
### ODC Integration
{"label"=>"Gradle Plugin"}
### ODC Versio…
-
When I scan using an spdx sbom, I see:
```
osv-scanner scan --sbom=SBOM-report-testproject-habi-20240410_0131-clean-licenses.spdx.json --verbosity verbose
Scanned /home/paul/SBOM-report-testproje…
```
-
## The dependency [snyk](https://github.com/snyk/snyk) was updated from `1.161.1` to `1.161.2`.
🚨 [View failing branch](https://github.com/alectronic0/alectronic-chirper/compare/master...alectronic0…