floating / frame

System-wide Web3 for macOS, Windows and Linux
https://frame.sh
GNU General Public License v3.0

Update all dependencies + resolve vulns reported by npm #1714

Open surfaceflinger opened 2 months ago

surfaceflinger commented 2 months ago

77 vulnerabilities (2 low, 13 moderate, 55 high, 7 critical)

Lots of outdated dependencies; it just doesn't look good for software meant to manage money.

For example, Electron:

Electron, too, spun into action and released new versions the same day: If your app renders any user-provided content, you should update your version of Electron - v27.0.0-beta.2, v26.2.1, v25.8.1, v24.8.3, and v22.3.24 all contain a fixed version of libwebp, the library responsible for rendering webp images.

v23, which is used, isn't mentioned, so this isn't clear; let's assume it can probably be bombed with a malicious NFT due to outdated libwebp/libvpx.

I guess it would be a good idea to not only update everything but also work on dropping as many deps as possible.
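One way to answer the "is v23 covered?" question mechanically, as an added example that is not part of the issue or of Frame's code: compare the pinned Electron version against the fixed-version list quoted from the advisory above, per major release line. The fixed versions come from the quoted text; the sample pins (23.3.13, 26.2.0, 26.2.1) are constructed values, not Frame's actual dependency.

```javascript
// Added example (not from the Frame issue or project). Fixed versions are the
// ones quoted from the Electron libwebp advisory in the issue text.
const FIXED_ELECTRON_VERSIONS = [
  '27.0.0-beta.2', '26.2.1', '25.8.1', '24.8.3', '22.3.24',
];

// Parse "v26.2.1" or "27.0.0-beta.2" into comparable parts.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(v.trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] || null };
}

// Semver ordering: numeric parts first; a prerelease sorts below its release.
function compareVersions(a, b) {
  for (const k of ['major', 'minor', 'patch']) {
    if (a[k] !== b[k]) return a[k] < b[k] ? -1 : 1;
  }
  if (a.pre === b.pre) return 0;
  if (a.pre === null) return 1;
  if (b.pre === null) return -1;
  return a.pre < b.pre ? -1 : 1;
}

// Returns 'fixed' (installed >= the fix for its major line), 'vulnerable'
// (a fix exists for the line but the pin is older), or 'unknown' (the
// advisory names no fixed release for this major line, which is the v23 case).
function libwebpFixStatus(installed, fixed = FIXED_ELECTRON_VERSIONS) {
  const cur = parseVersion(installed);
  const lineFix = fixed.map(parseVersion).find((f) => f.major === cur.major);
  if (!lineFix) return 'unknown';
  return compareVersions(cur, lineFix) >= 0 ? 'fixed' : 'vulnerable';
}

// Constructed sample pins for demonstration (not Frame's real package.json).
console.log(libwebpFixStatus('23.3.13')); // unknown
console.log(libwebpFixStatus('26.2.0'));  // vulnerable
console.log(libwebpFixStatus('26.2.1'));  // fixed
```

An 'unknown' result for a release line is the case to treat as unpatched until the vendor states otherwise, since an unlisted line may simply be out of support.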