Open mwri opened 6 years ago
'Insecure' tags are being applied to some packages which do not have any apparent vulnerabilities.
For example lostofs currently has a red 'insecure' tag, see first result from the npms.io search.
Hovering over the tag it says:
Package lostofs@1.0.6 has 3 vulnerabilities. For more details, check against nodesecurity.io.
However, following the link to nodesecurity.io it says there are none:
There are no known vulnerabilities for lostofs@latest or any of its dependencies.
Same with my packages (unsplash-source-node and ttgram) https://npms.io/search?q=author%3Atiagodanin
'Insecure' tags are being applied to some packages which do not have any apparent vulnerabilities.
For example lostofs currently has a red 'insecure' tag, see first result from the npms.io search.
Hovering over the tag it says:
However, following the link to nodesecurity.io it says there are none: