opendistro-for-elasticsearch / kibana-reports

Kibana Reports
https://opendistro.github.io/

Fix Reporting CVEs #304

Closed davidcui1225 closed 3 years ago

davidcui1225 commented 3 years ago

Issue #, if available: N/A

Description of changes: Upgrade vulnerable package versions to address high-severity CVEs

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

zhongnansu commented 3 years ago

Why are those considered CVEs? I didn't see any alert in the security tab of this repo

davidcui1225 commented 3 years ago

> Why are those considered CVEs? I didn't see any alert in the security tab of this repo

From the ODFE Whitesourcing these are all identified as vulnerable packages of high severity

codecov[bot] commented 3 years ago

Codecov Report

Merging #304 (09da162) into dev (837601f) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##              dev     #304   +/-   ##
=======================================
  Coverage   77.67%   77.67%           
=======================================
  Files          32       32           
  Lines        1805     1805           
  Branches      353      356    +3     
=======================================
  Hits         1402     1402           
  Misses        398      398           
  Partials        5        5           
