search

inSileco / inSileco.github.io

:globe_with_meridians: Our blog powered by blogdown
https://blog.insileco.io/
GNU General Public License v3.0
8 stars 1 forks source link

eslint security alert - update leaflet and rebuild page #76

Closed remi-daigle closed 4 years ago

remi-daigle commented 5 years ago

Hey folks,

I've been getting security alert emails (pasted below) from github about this page and some of my own github pages.

The solution for me has been to update my leaflet package and rebuild my pages. So EVERYONE who ever builds the page should update their packages!

GitHub security alert digest remi-daigle’s repository security updates from the week of Sep 10 - Sep 17

inSileco organization Warning!
inSileco / inSileco.github.io Known security vulnerabilities detected

Dependency eslint
Version < 4.18.2
Upgrade to ~> 4.18.2 Vulnerabilities WS-2018-0592 Moderate severity Defined in package.json

KevCaz commented 5 years ago

Given that the website is built by Travis I think we should rather not push files included in static/markdown-lib/. But given that we archive posts I guess this may be tricky.

remi-daigle commented 5 years ago

Yes, I'm sure there are a few possible solutions, I just suggested what worked for my other pages, I leave it to others to actually 'solve' this issue

KevCaz commented 5 years ago

I removed static/markdown-lib/not sure yet if it's enough.

KevCaz commented 4 years ago

I think this has be solved, let's reopen this if not.