Closed rudi-cilibrasi closed 1 month ago
@rudi-cilibrasi you can add the tags level1 (10 points), level2 (30 points), or level3 (45 points) depending on the complexity of the task. Without one of these tags the issue is worth only one point. Maybe bump it up a level if you think this is high severity.
i will put level 3 assuming somebody fixes all. if somebody only does the most critical it is level 1.
Is it possible the move to Vite will resolve some of these?
The deprecated create-react-app gives a warning referencing Babel and may be the source of the critical issue.
The move to Vite (PR #152 ) fixed the two security issues including the one with "critical" severity. Seven issues remain.
PRs #153 and #154 fix remaining alerts. Issue is closed.
https://github.com/joyhughes/Jen/security/dependabot