Tupperbox / TupperboxLegacy

A Discord bot created for proxying user messages through webhooks.
MIT License
74 stars 47 forks

Update the NPM packages #123

Closed Bobby99as closed 3 years ago

Bobby99as commented 3 years ago

You need to update the NPM packages; a couple of them have severe vulnerabilities and a bunch of them have medium to low vulnerabilities.

greysdawn commented 3 years ago

This public repo isn't really maintained anymore. As stated in the readme, the bot is now closed source; the packages are kept up to date on the private version. I can update them later (or another dev can), but for future reference, this repo is bound to be out of date.

Bobby99as commented 3 years ago

At least if it's going to be up, make sure to update its stuff so others don't get hacked.

ghost commented 3 years ago

@Bobby99as as far as I'm aware, there are no vulnerabilities in the dependencies, but if npm shows any, please use common sense when reading them: https://overreacted.io/npm-audit-broken-by-design/