oxsecurity / megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

https://megalinter.io

GNU Affero General Public License v3.0

1.9k stars 230 forks source link

Dependency "ip" needs to be replaced #3623

Closed muffl0n closed 2 months ago

muffl0n commented 3 months ago

As described in #3619 we need to update the transitive dependency ip to a version without a known CVE or get rid of it completely.

Afterwards, e7a61250d89d14ebc61ea9c3547d442c2b5136d4 and 8ae5f2d78805bc470e7c0968a029f74771d7aef4 need to be reverted.

muffl0n commented 3 months ago

3647 upgrades `yeoman-environment` and `yeoman-generator`. This gets rid of the transitive dependency `ip` cause `ip-address` is used now.

github-actions[bot] commented 2 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

If you think this issue should stay open, please remove the O: stale 🤖 label or comment on the issue.

oxsecurity / megalinter

Dependency "ip" needs to be replaced #3623

3647 upgrades yeoman-environment and yeoman-generator. This gets rid of the transitive dependency ip cause ip-address is used now.

3647 upgrades `yeoman-environment` and `yeoman-generator`. This gets rid of the transitive dependency `ip` cause `ip-address` is used now.