DevExpress / testcafe

A Node.js tool to automate end-to-end web testing.
https://testcafe.io
MIT License

Stop depending on `endpoint-utils` because it depends on insecure `ip` package #8207

Closed sethidden closed 1 week ago

sethidden commented 4 weeks ago

Sorry about skipping the template, it's not really a runtime testcafe issue.

endpoint-utils is unmaintained and it doesn't seem like it will be updated.

endpoint-utils is used in these places in testcafe: https://github.com/search?q=repo%3ADevExpress%2Ftestcafe%20endpoint-utils&type=code

Would you be willing to switch to e.g. https://github.com/samvv/node-find-free-ports instead, for the same functionality? isFreePort, getFreePort etc. If possible you could just pass "0" as the port so it gets assigned randomly, if the underlying implementation handles that.

As a bonus, you could remove the @types files for endpoint-utils that you have in this repo, as node-find-free-ports has typedefs inside the package.
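The port-0 approach suggested in the comment above, as an added example that is not code from testcafe, endpoint-utils or node-find-free-ports: it uses only Node's built-in `net` module, so no third-party dependency is pulled in. The names `isFreePort` and `getFreePort` mirror those mentioned in the issue; `tryListen`, `listenOnFreePort` and the `127.0.0.1` default host are assumptions made for illustration.

```javascript
const net = require('node:net');

// Bind a throwaway server to `port`; resolve with the bound port number,
// or null when the port is unavailable. Port 0 lets the OS choose.
function tryListen(port, host = '127.0.0.1') {
  return new Promise((resolve, reject) => {
    const server = net.createServer();
    server.once('error', (err) => {
      // "In use" or "not permitted" means "not free"; anything else is a real failure.
      if (err.code === 'EADDRINUSE' || err.code === 'EACCES') resolve(null);
      else reject(err);
    });
    server.listen(port, host, () => {
      const bound = server.address().port;
      server.close(() => resolve(bound));
    });
  });
}

// True when `port` can currently be bound on `host`.
async function isFreePort(port, host) {
  return (await tryListen(port, host)) !== null;
}

// Ask the OS for an unused port by binding to port 0.
async function getFreePort(host) {
  return tryListen(0, host);
}

// Both helpers above release the port before the caller binds it, so another
// process can claim it in between. Binding the real server to port 0 and
// reading the assigned port back closes that window.
function listenOnFreePort(server, host = '127.0.0.1') {
  return new Promise((resolve, reject) => {
    server.once('error', reject);
    server.listen(0, host, () => resolve(server.address().port));
  });
}
```

Where the caller owns the server object, `listenOnFreePort` is the variant to prefer, since the check-then-bind helpers are inherently racy.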

github-actions[bot] commented 3 weeks ago

We appreciate you taking the time to share information about this issue. We reproduced the bug and added this ticket to our internal task queue. We'll update this thread once we have news.

sethidden commented 3 weeks ago

https://github.com/indutny/node-ip is now archived as well.

github-actions[bot] commented 1 week ago

Release v3.6.2-rc.1 addresses this.