lnbc1QWFyb24
commented
1 year ago I also updated the Sveltekit dependency to fix a couple of security alerts.
Closed lnbc1QWFyb24 closed 1 year ago
lnbc1QWFyb24
commented
1 year ago I also updated the Sveltekit dependency to fix a couple of security alerts.
socket-security[bot]
commented
1 year ago New dependency changes detected. Learn more about Socket for GitHub ↗︎
👍 No new dependency issues detected in pull request
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all
Ignoring: @sveltejs/kit@1.15.2
| Issue | Status |
|---|---|
| Install scripts | ✅ 0 issues |
| Native code | ✅ 0 issues |
| Bin script shell injection | ✅ 0 issues |
| Unresolved require | ✅ 0 issues |
| Invalid package.json | ✅ 0 issues |
| HTTP dependency | ✅ 0 issues |
| Git dependency | ✅ 0 issues |
| Potential typo squat | ✅ 0 issues |
| Known Malware | ✅ 0 issues |
| Telemetry | ✅ 0 issues |
| Protestware/Troll package | ✅ 0 issues |
📊 Modified Dependency Overview:
| ⬆️ Updated Package | Version Diff | Added Capability Access | +/- Transitive Count |
Publisher |
|---|---|---|---|---|
| @sveltejs/kit@1.15.2 | 1.8.4...1.15.2 | None | +0/-0 |
svelte-admin |
lnbc1QWFyb24
commented
1 year ago @SocketSecurity ignore @sveltejs/kit@1.15.2
This PR connects Clams to a new server endpoint:
https://api.clams.techwhich has a new codebase. Exchange rates will be fetched and cached by the server, and the app will fetch from there instead. This will help with rate limits on the external exchange rate API's. To save bandwidth the app will only fetch the exchange rate for the fiat denomination that is set in the app. A new exchange rate will be fetched every 5 minutes or when the fiat denomination is changed.The wsproxy lives at the /ws-proxy route on the new server and Clams now connects to that. The https proxy for lnurl calls lives at /http-proxy.
Closes #144