JasperFx / alba

Easy integration testing for ASP.NET Core applications
https://jasperfx.github.io/alba
Apache License 2.0

resolving a long list of security vln found using snyk 👍 #164

Closed LucaPaterlini closed 3 months ago

Hawxy commented 3 months ago

Worth mentioning there are no actual security vulnerabilities to be found here, given this is a testing framework to be run in test projects. Typically, you exclude your test & build projects from Snyk as it creates a ton of unnecessary noise.

The code change is also unnecessary, as the implementation is all in-memory and doesn't send data over a network or between untrusted systems. I'll begrudgingly merge this in given this change is removed.

LucaPaterlini commented 3 months ago

Thanks @Hawxy for your reply, reverted the specific commit you mentioned.

Hawxy commented 3 months ago

I've rolled the relevant updates for the main package + docs into other PRs, so this can be closed. Thanks for the contribution.

LucaPaterlini commented 3 months ago

Hi @Hawxy, thanks for your reply and work. Just ran the scan again and it seems a few of the changes have slipped ... Can I send a new PR with the leftovers? :)

Hawxy commented 3 months ago

The remaining projects are build infrastructure/test projects and don't need to be fixed.