Open arirubinstein opened 1 year ago
Current state of things across all of agoric-sdk (not just cosmic swingset)
➜ agoric-sdk git:(6636_yarn_audit) ✗ yarn audit --groups devDependencies --level moderate --summary
yarn audit v1.22.19
61 vulnerabilities found - Packages audited: 1100
Severity: 6 Low | 11 Moderate | 35 High | 9 Critical
✨ Done in 1.11s.
➜ agoric-sdk git:(6636_yarn_audit) ✗ yarn audit --groups dependencies --level moderate --summary
yarn audit v1.22.19
0 vulnerabilities found - Packages audited: 579
✨ Done in 4.08s.
Before the release is ready to be cut, all known security issues raised by
yarn audit
must be resolved unless otherwise exempted. This does not include devDependencies issues unless there is a likely path to exploitation, determined by the Security team.By default, this includes Critical, High, Medium issues. Select low issues may be raised by the Security team
This includes the following repos: