RetireJS / retire.js

Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
https://retirejs.github.io/retire.js/

Insecure lib on https://retirejs.github.io/retire.js/ #349

Closed jmanico closed 3 years ago

jmanico commented 3 years ago

The main GitHub page for Retire.js, https://retirejs.github.io/retire.js/, is using (wait for it) an insecure library that I found with (wait for it again) Retire.js.

Fate, it seems, is not without a sense of irony.

eoftedal commented 3 years ago

Yeah... Vulnerable lib doesn't necessarily mean vulnerable site, but I fixed it anyways 😄

eoftedal commented 3 years ago

Thanks for reporting

jmanico commented 3 years ago

Thank you, kind sir! I totally agree with your assessment and am just trying to be an ally. I love your work! I plan to submit a PR to help drop some of the errors I see in Chrome. I owe you some time this weekend :)