Closed patmmccann closed 3 days ago
Hi there @lpinca! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.
This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory
Hi @patmmccann, sounds like you are looking for help with Dependabot rather than an update to the advisory. In that case, please contact GitHub support for help.
Updates
Comments I'm not sure how to fix, but https://github.com/prebid/Prebid.js/security/dependabot/152 is not generating a pr despite reporting being able to upgrade to patched version 7.5.10. the security advisory says the earliest fixed version is in 8.17.1 and fails to generate a pull request