Products

Tails

Create websites with TailwindCSS

Static

Create a static website

MarkdownX

The Markdown editor of the future

Pines

Create websites with TailwindCSS

Wave

Start building the next great SaaS

Designer

Create web designs with AI

Coming Soon

View All of Our Products

Community

Join 101,611 other developers as we learn, build, and grow together.

Connect with fellow developers and gain access to tools that will help you build a profitable SaaS 🚀

Community

🏠 Home 🙋 Questions 🍿 Videos 🎓 Courses 🤓 Snippets 🤣 Fun

Rewards

⭐ Points 🎖 Badges 💰 DevCoin 🏆 Contests

Resources

📘 Guides 📚 eBooks 💡 Topics

Meet the Team

Tony Lea

Founder / Developer

Bobby Iliev

Co-Founder / DevOps

Boyan Iliev

Developer / DevOps

View All Users

Pricing

About

🦺

Help & Support

Have a question or need help

🤝

Sponsorships

Learn about sponsorships

📄

Terms of Service

The boring legal stuff

Git vulnerabilities in your dependencies alerts

Jahangir Mohammed Visit User Profile

jahangir-mohammed ・

Feb 6th, 2019 12:46 PM

webpack-dev-server
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
low severity
bootstrap
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
moderate severity
randomatic
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
low severity
cryptiles
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
high severity
macaddress
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
critical severity
url-parse
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
high severity
hoek
opened 19 hours ago by GitHub • resources/views/themes/uikit/package-lock.json
moderate severity
webpack-dev-server
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
low severity
randomatic
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
low severity
cryptiles
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
high severity
macaddress
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
critical severity
url-parse
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json
high severity
hoek
opened 19 hours ago by GitHub • resources/views/themes/bootstrap/package-lock.json

Report

rjkmelb ・

Feb 6th, 2019 01:17 PM

Do these also apply to TCG/Voyager? Now I have tested. No they don't

As for the UI Kit issues and so forth, I've emailed Tony and let him know. I am sure he will be on it.

Report

tnylea ・

Feb 6th, 2019 02:24 PM

Hey @jahangir-mohammed,

Most of these vulnerabilities look to be issues when using these packages with Node, since the packages are only being used client side many of these warnings can be ignored. I will look further into a few of them, but for the most part everything is sanatized when data is sent to the server and passed back to the client, so many of these are irrelevant. I hope that makes sense.

@rjmelb, can you send me a private message here on DevDojo and let me know which issues you would like me to look into :) I'm currently working on a new version of the DevDojo scheduled to be released in about a week and then after that I'll be all hands on deck with Wave :)

Thanks! Talk to you soon.

Report

jahangir-mohammed ・

Feb 6th, 2019 03:29 PM

@rjkmelb - no voyager is fine. @tnylea - Thank you for getting back, i understand fully,

Report