Vulnerabilities Alerts #248
alex-hedley
started this conversation in
General
Replies: 2 comments
-
|
I think it actually is enabled already. There are 7 alerts (although not for the packages listed above), all for things that can't be updated due to conflicting dependencies... 😬 We should probably spend some time working through all these. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
@frankieroberto I'm not seeing anything on the Security tab, is this a permissions issue? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Is it worth turning on in Vulnerabilities Alerts in the repo settings?
Example
liquidjs Version < 10.0.0 Upgrade to ~> 10.0.0
Defined in
package-lock.jsonVulnerabilities CVE-2022-25948 Moderate severity
request Version <= 2.88.2
Defined in
package-lock.jsontough-cookieVersion< 4.1.3 Upgrade to ~> 4.1.3
Defined in
package-lock.jsonVulnerabilities CVE-2023-26136 Moderate severity
Beta Was this translation helpful? Give feedback.
All reactions