Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting Dependabot Alert #574

Open
manoj27730 opened this issue Jun 7, 2024 · 2 comments
Open

Getting Dependabot Alert #574

manoj27730 opened this issue Jun 7, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@manoj27730
Copy link

What happened?

Hi Team,

I am trying to add the actions "https://github.com/actions/upload-artifact" with version v4.3.3 in our Enterprise GitHub repository.

While adding the GitHub Team found, there were 3 vulnerabilities found in the action that you requested for by Dependabot:

The team is unable to import this action for usage in because of the vulnerabilities found in the dependencies used by this action that might pose a security threat.

I have attached the screenshot of the vulnerabilities.
Dependabot_alert

What did you expect to happen?

Fix the Dependabot Alerts

How can we reproduce it?

It's our internal repo.

Anything else we need to know?

No response

What version of the action are you using?

v4.3.3

What are your runner environments?

window

Are you on GitHub Enterprise Server? If so, what version?

No response
@manoj27730 manoj27730 added the bug Something isn't working label Jun 7, 2024
@manoj27730
Copy link
Author

Hi Team,

Any update on the above issue?

Thanks,
Manoj Kumar Sahu

@manoj27730
Copy link
Author

Hi Team,

Any update on the above issue?

Thanks,
Manoj Kumar Sahu

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@manoj27730