search

oddsdk / odd-app-template

A sveltekit web app template for the ODD SDK.
https://odd-template.fission.app
MIT License
29 stars 10 forks source link

updated dependencies #127

Open jeffgca opened 1 year ago

jeffgca commented 1 year ago

Noticed the template had some security changes in the queue:

# npm audit report

@sveltejs/kit  <=1.15.1
Severity: high
SvelteKit vulnerable to Cross-Site Request Forgery - https://github.com/advisories/GHSA-5p75-vc5g-8rv2
SvelteKit framework has Insufficient CSRF protection for CORS requests - https://github.com/advisories/GHSA-gv7g-x59x-wf8f
Depends on vulnerable versions of undici
fix available via `npm audit fix`
node_modules/@sveltejs/kit

undici  <=5.19.0
Severity: high
Regular Expression Denial of Service in Headers - https://github.com/advisories/GHSA-r6ch-mqf9-qc9w
CRLF Injection in Nodejs ‘undici’ via host - https://github.com/advisories/GHSA-5r9g-qh6m-jxff
fix available via `npm audit fix`
node_modules/undici
vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
odd-app-template ✅ Ready (Inspect) Visit Preview Jun 1, 2023 10:37pm