Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prototype pollution in async #294

Closed
ClFeSc opened this issue Apr 13, 2022 · 1 comment
Closed

Prototype pollution in async #294

ClFeSc opened this issue Apr 13, 2022 · 1 comment
Labels
dependencies Pull requests that update a dependency file frontend Issues mainly related to the frontend
Projects
BP2021HG1

Comments

@ClFeSc
Copy link
Contributor

ClFeSc commented Apr 13, 2022
edited

See GHSA-fwr7-v2mv-hh25 and https://github.com/hpi-sam/digital-fuesim-manv/security/dependabot/11.

The fixing PR in jake is jakejs/jake#406.

portfinder doesn't seem to be that bothered as there is only a dependabot PR and the comment to wait for caolan/async#1828 to be merged.

It only affects dev dependencies.
@ClFeSc ClFeSc added frontend Issues mainly related to the frontend dependencies Pull requests that update a dependency file labels Apr 13, 2022
@ClFeSc ClFeSc added this to To do in BP2021HG1 via automation Apr 13, 2022
@Dassderdie
Copy link
Collaborator

The respective Angular-eslint issue.

@ClFeSc ClFeSc mentioned this issue Apr 20, 2022
Merged
@ClFeSc ClFeSc closed this as completed Apr 20, 2022
BP2021HG1 automation moved this from To do to Done Apr 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file frontend Issues mainly related to the frontend
Projects
BP2021HG1
  
Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Dassderdie @ClFeSc