You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HI!
I recently been experiencing npm audit and on all of my projects I get some vulnerabilities related to hoek with the threat being prototype pollution. Actually I'm not familiar with hoek and the way it works!
So I just opened an issue!
Is manipulating prototypes the way hoek does things and if so, is it gonna change in near future?
And lets suppose I (or some other contributor) wants to do things that his/her npm audit return clean results, should the actions be taken on hoek repo or node-sass repo or other repos using hoek (boom, hawk, request,cryptiles, sntp)?
Thanks!
The text was updated successfully, but these errors were encountered:
aghArdeshir
changed the title
prototype pollution issues in on npm audit log
prototype pollution issues on npm audit log
May 23, 2018
aghArdeshir
changed the title
prototype pollution issues on npm audit log
prototype pollution issues in npm audit log
May 23, 2018
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.
lockbot
locked as resolved and limited conversation to collaborators
Jan 9, 2020
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
non issueIssue is not a problem or requires changes
HI!
I recently been experiencing
npm audit
and on all of my projects I get some vulnerabilities related tohoek
with the threat beingprototype pollution
. Actually I'm not familiar with hoek and the way it works!So I just opened an issue!
Is manipulating prototypes the way hoek does things and if so, is it gonna change in near future?
And lets suppose I (or some other contributor) wants to do things that his/her
npm audit
return clean results, should the actions be taken on hoek repo or node-sass repo or other repos using hoek (boom, hawk, request,cryptiles, sntp)?Thanks!
The text was updated successfully, but these errors were encountered: