-
It'd be great to have a SARIF output format to upload the results to GitHub. (i.e. with `github/codeql-action/upload-sarif` action)
Blocked by #217
-
Do we really need @angular-devkit/build-angular as a dependency. It contains protractor, which is deprecated and contains dependencies with vulnerabilities (xml2js@0.4.23 and request@2.88.2)
-
## CVE-2023-0842 - Medium Severity Vulnerability
Vulnerable Library - xml2js-0.4.23.tgz
Simple XML to JavaScript object converter.
Library home page: https://registry.npmjs.org/xml2js/-/xml2js-0.4.2…
-
## CVE-2023-0842 - Medium Severity Vulnerability
Vulnerable Library - xml2js-0.4.23.tgz
Simple XML to JavaScript object converter.
Library home page: https://registry.npmjs.org/xml2js/-/xml2js-0.4.2…
-
##### **Overview of the issue**
I created http://jhipster-book.com with JHipster 2.22.0. I want to update some things like the copyright. However, I'm unable to run `npm install` and therefore unab…
-
Can we upgrade the package aws-sdk, which depends on xml2js, which has a vulnerability?
The aws-sdk update has been pushed here https://github.com/aws/aws-sdk-js/pull/4389
-
My .npmrc looks like this:
```
registry=http://registry.npmjs.org/
strict-ssl=false
python=python2.7
ca=
```
It shouldn't even try to open a SSL connection because I'm using HTTP for the registry.
…
-
-
a vscode extension of ours references this `@vscode/l10n-dev` and I saw a vulnerability reported today:
```
xml2js
-
Hello,
In order to use ESM I need to set the "type" property in package.json to "module". However, this property is not supported in NodePackageOptions.
Example:
```
{
"name": "cdktest",
…