-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
04/22/2022 - npm
vulnerabilities
#542
Comments
@hobuobi / @macfarlandian / @Catacola - we had a nearly 50 NPM vulnerabilities hit this repo this week. Would you please make sure these are addressed in the next 30 days. Thanks! |
@phenggeler - label applied: Due this month. |
I think (but others may disagree) that @lilidworkin and her team should be the primary assignees for Dependabot issues in this repo from now on, as they are starting to take over more ownership of Spotlight? I don't mind looking into these though if they need the support, it seems to be mostly the usual false positives anyway |
I'm fine with that! Can I get some context on what this is / how to address these / what I should be looking for, etc? |
All alerts have either been resolved through upgrades, or dismissed because there is no easy fix and risk is tolerable. |
Thanks @lilidworkin |
due: 2022-05-22
Please address the Dependabot
npm
vulnerabilities in this repository.The text was updated successfully, but these errors were encountered: