-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate dependabot security alert #8 - tough cookie #187
Comments
@edhamiltonHO it appears this is being looked at upstream, there is an open issue for this. My suggestion would to wait until resolved. |
OK, do we have a view on the risk this presents to us? I'd presume fairly low as related to cookies, which we aren't using, but would be good to be clear |
This looks to have been resolved in a release of cypress/request last week: https://github.com/cypress-io/request/releases/tag/v2.88.12 |
@robertdeniszczyc2 Unfortunately, this is for the |
@robertdeniszczyc2 I misread that, apologies. Yes, hopefully the fix above suggests a fix for the |
Looks like there are two open PRs on Cypress for this: |
A fix has been merged under cypress-io/cypress#27515, hopefully will be included in the next release |
According to the thread the change was merged to Cypress in 12.17.4, from https://github.com/HO-CTO/engineering-guidance-and-standards/pull/248 we are now on 13.x so I think this can be closed |
No description provided.
The text was updated successfully, but these errors were encountered: