Open tunerji opened 7 months ago
npm audit fix npm WARN audit fix bsock@0.1.11 node_modules/bsock npm WARN audit fix bsock@0.1.11 is a bundled dependency of npm WARN audit fix bsock@0.1.11 bcoin@2.2.0 at npm WARN audit fix bsock@0.1.11 It cannot be fixed automatically. npm WARN audit fix bsock@0.1.11 Check for updates to the bcoin package. npm WARN audit fix bweb@0.1.9 node_modules/bweb npm WARN audit fix bweb@0.1.9 is a bundled dependency of npm WARN audit fix bweb@0.1.9 bcoin@2.2.0 at npm WARN audit fix bweb@0.1.9 It cannot be fixed automatically. npm WARN audit fix bweb@0.1.9 Check for updates to the bcoin package. npm WARN audit fix bcurl@0.1.10 node_modules/bcurl npm WARN audit fix bcurl@0.1.10 is a bundled dependency of npm WARN audit fix bcurl@0.1.10 bcoin@2.2.0 at npm WARN audit fix bcurl@0.1.10 It cannot be fixed automatically. npm WARN audit fix bcurl@0.1.10 Check for updates to the bcoin package.
up to date, audited 31 packages in 6s
bsock * Severity: critical bsock uses weak hashing algorithms - https://github.com/advisories/GHSA-jj93-39pf-7mcf No fix available node_modules/bsock bcurl >=0.0.1 Depends on vulnerable versions of bsock node_modules/bcurl bweb >=0.0.1 Depends on vulnerable versions of bsock node_modules/bweb
3 critical severity vulnerabilities
Some issues need review, and may require choosing a different dependency.
I would like to work on this, can you assign this to me
npm audit fix npm WARN audit fix bsock@0.1.11 node_modules/bsock npm WARN audit fix bsock@0.1.11 is a bundled dependency of npm WARN audit fix bsock@0.1.11 bcoin@2.2.0 at npm WARN audit fix bsock@0.1.11 It cannot be fixed automatically. npm WARN audit fix bsock@0.1.11 Check for updates to the bcoin package. npm WARN audit fix bweb@0.1.9 node_modules/bweb npm WARN audit fix bweb@0.1.9 is a bundled dependency of npm WARN audit fix bweb@0.1.9 bcoin@2.2.0 at npm WARN audit fix bweb@0.1.9 It cannot be fixed automatically. npm WARN audit fix bweb@0.1.9 Check for updates to the bcoin package. npm WARN audit fix bcurl@0.1.10 node_modules/bcurl npm WARN audit fix bcurl@0.1.10 is a bundled dependency of npm WARN audit fix bcurl@0.1.10 bcoin@2.2.0 at npm WARN audit fix bcurl@0.1.10 It cannot be fixed automatically. npm WARN audit fix bcurl@0.1.10 Check for updates to the bcoin package.
up to date, audited 31 packages in 6s
npm audit report
bsock * Severity: critical bsock uses weak hashing algorithms - https://github.com/advisories/GHSA-jj93-39pf-7mcf No fix available node_modules/bsock bcurl >=0.0.1 Depends on vulnerable versions of bsock node_modules/bcurl bweb >=0.0.1 Depends on vulnerable versions of bsock node_modules/bweb
3 critical severity vulnerabilities
Some issues need review, and may require choosing a different dependency.