Git vulnerabilities in your dependencies alerts

Posted In Wave
  • jahangir-mohammed 7 months ago
    *  webpack-dev-server
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * low severity
    * bootstrap
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * moderate severity
    * randomatic
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * low severity
    * cryptiles
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * high severity
    * macaddress
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * critical severity
    * url-parse
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * high severity
    * hoek
    * opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    * moderate severity
    * webpack-dev-server
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    * low severity
    * randomatic
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    * low severity
    * cryptiles
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    * high severity
    * macaddress
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    * critical severity
    * url-parse
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    * high severity
    * hoek
    * opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • webpack-dev-server
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • low severity
    • bootstrap
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • moderate severity
    • randomatic
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • low severity
    • cryptiles
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • high severity
    • macaddress
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • critical severity
    • url-parse
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • high severity
    • hoek
    • opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
    • moderate severity
    • webpack-dev-server
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • low severity
    • randomatic
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • low severity
    • cryptiles
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • high severity
    • macaddress
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • critical severity
    • url-parse
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
    • high severity
    • hoek
    • opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
  • rjkmelb 7 months ago
    Do these also apply to TCG/Voyager? Now I have tested. No they don't
    
    As for the UI Kit issues and so forth, I've emailed Tony and let him know. I am sure he will be on it.
    
    

    Do these also apply to TCG/Voyager? Now I have tested. No they don't

    As for the UI Kit issues and so forth, I've emailed Tony and let him know. I am sure he will be on it.

  • tnylea 7 months ago
    Hey @jahangir-mohammed,
    
    Most of these vulnerabilities look to be issues when using these packages with Node, since the packages are only being used client side many of these warnings can be ignored. I will look further into a few of them, but for the most part everything is sanatized when data is sent to the server and passed back to the client, so many of these are irrelevant. I hope that makes sense.
    
    @rjmelb, can you send me a private message here on DevDojo and let me know which issues you would like me to look into :) I'm currently working on a new version of the DevDojo scheduled to be released in about a week and then after that I'll be all hands on deck with Wave :)
    
    Thanks! Talk to you soon.

    Hey @jahangir-mohammed,

    Most of these vulnerabilities look to be issues when using these packages with Node, since the packages are only being used client side many of these warnings can be ignored. I will look further into a few of them, but for the most part everything is sanatized when data is sent to the server and passed back to the client, so many of these are irrelevant. I hope that makes sense.

    @rjmelb, can you send me a private message here on DevDojo and let me know which issues you would like me to look into :) I'm currently working on a new version of the DevDojo scheduled to be released in about a week and then after that I'll be all hands on deck with Wave :)

    Thanks! Talk to you soon.

  • jahangir-mohammed 7 months ago
    @rjkmelb - no voyager is fine.
    @tnylea - Thank you for getting back, i understand fully, 

    @rjkmelb - no voyager is fine. @tnylea - Thank you for getting back, i understand fully,

Please login or signup to leave a response.

Login

or Sign Up

Sign Up

or Login
×
Want to create your own SAAS?

I can teach you to create your own Software as a Service. Click here to learn more!

Visit SAAS Adventure!