Closed 9rb closed 3 years ago
@9rb did you turn on some bot or something? Would you please turn it off? It's generating a lot of noise and I haven't seen anything of value yet.
Snyk says it "opens pull requests to fix known vulnerabilities" but I don't see any info about vulnerabilities here.
Github already does pretty good reporting of vulnerabilities.
@9rb spamming all over rchain-community with a bot and then not responding to feedback about it is not welcome community behavior.
@jimscarver please help get @9rb to address these comments. If he's not going to be responsive, I don't see how we can keep him in the organization.
I managed to turn it off.
Snyk has created this PR to upgrade ethereumjs-util from 7.0.7 to 7.0.8.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs