-
-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
resolving a long list of security vln found using snyk 👍 #164
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-VITE-6182924 - https://snyk.io/vuln/SNYK-JS-VITE-6098386 - https://snyk.io/vuln/SNYK-JS-VITE-6531286
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-VITE-6182924 - https://snyk.io/vuln/SNYK-JS-VITE-6098386 - https://snyk.io/vuln/SNYK-JS-VITE-6531286
…b06a9dce10325 [Snyk] Security upgrade vitepress from 1.0.0-rc.20 to 1.0.0
…2e2807a197d77 [Snyk] Security upgrade vitepress from 1.0.0-rc.20 to 1.0.0
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTJSON-7433719
…08832210a516e [Snyk] Security upgrade Microsoft.AspNetCore.Mvc.Testing from 8.0.0 to 8.0.7
Worth mentioning there's no actual security vulnerabilities to be found here, given this is a testing framework to be run in test projects. Typically, you exclude your test & build projects from Snyk as it creates a ton of unnecessary noise. The code change is also unnecessary, as the implementation is all in-memory and doesn't send data over a network or between untrusted systems. I'll begrudgingly merge this in given this change is removed. |
…nitized input" This reverts commit 48e11cd.
Thanks @Hawxy for your reply, reverted the specific commit you mentioned. |
I've rolled the relevant updates for the main package + docs into other PRs, so this can be closed. Thanks for the contribution. |
Hi @Hawxy thanks for your reply and work. |
The remaining projects are build infrastructure/test projects and don't need to be fixed. |
No description provided.