You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The report says that "a default configuration in CometBFT has been found to be small for common use cases" and refers to EvidenceParams. But the DefaultEvidenceParams function that supplies these defaults has not been changed in two years.
Our rationale for that label is that govulncheck has nothing to base a report on. It would give false positives to anyone who adjusted the defaults appropriately, as well as anyone who used the defaults in a situation where they made sense.
In GitHub Security Advisory GHSA-555p-m4v6-cqxv, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: