Git vulnerabilities in your dependencies alerts
- webpack-dev-server
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- low severity
- bootstrap
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- moderate severity
- randomatic
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- low severity
- cryptiles
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- high severity
- macaddress
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- critical severity
- url-parse
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- high severity
- hoek
- opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
- moderate severity
- webpack-dev-server
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
- low severity
- randomatic
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
- low severity
- cryptiles
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
- high severity
- macaddress
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
- critical severity
- url-parse
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
- high severity
- hoek
- opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
Hey @jahangir-mohammed,
Most of these vulnerabilities look to be issues when using these packages with Node, since the packages are only being used client side many of these warnings can be ignored. I will look further into a few of them, but for the most part everything is sanatized when data is sent to the server and passed back to the client, so many of these are irrelevant. I hope that makes sense.
@rjmelb, can you send me a private message here on DevDojo and let me know which issues you would like me to look into :) I'm currently working on a new version of the DevDojo scheduled to be released in about a week and then after that I'll be all hands on deck with Wave :)
Thanks! Talk to you soon.
@rjkmelb - no voyager is fine. @tnylea - Thank you for getting back, i understand fully,