sindresorhus / cpy

Copy files
MIT License

Security issue found in dependency micromatch@4.0.5 #117

Open vergjor opened 3 months ago

vergjor commented 3 months ago

While running a security scan on our application, there was a security issue found for the micromatch@4.0.5 dependency


Please update to version micromatch@4.0.6 as soon as possible

vergjor commented 3 months ago

Please also bump the version cpy in the cpy-cli package as well once this is resolved

az-nextsec commented 3 weeks ago

Apparently micromatch 4.0.6 does not resolve that CVE

vergjor commented 3 weeks ago

> Apparently micromatch 4.0.6 does not resolve that CVE

Which tool are you using for checking for security issues? We are using VeraCode, and from what I see from this link, it says that 4.0.6 is the version where this issue is resolved:

https://sca.analysiscenter.veracode.com/vulnerability-database/security/regular-expression-denial-of-service/javascript/sid-47283

az-nextsec commented 3 weeks ago

@vergjor GitHub's own advisory, which I am getting from npm:

https://github.com/advisories/GHSA-952p-6rrq-rcjv