Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated dependencies #22

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Updated dependencies #22

wants to merge 1 commit into from

Conversation

jeffgca
Copy link

@jeffgca jeffgca commented Jun 27, 2023

Description

Updated dependencies based on this:

➜ walletauth (main) ✔ npm audit
# npm audit report

@sveltejs/kit  <=1.15.1
Severity: high
SvelteKit vulnerable to Cross-Site Request Forgery - https://github.com/advisories/GHSA-5p75-vc5g-8rv2
SvelteKit framework has Insufficient CSRF protection for CORS requests - https://github.com/advisories/GHSA-gv7g-x59x-wf8f
fix available via `npm audit fix`
node_modules/@sveltejs/kit

vite  4.0.0 - 4.0.4
Severity: high
Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) - https://github.com/advisories/GHSA-353f-5xf4-qw67
fix available via `npm audit fix`
node_modules/vite

2 high severity vulnerabilities

To address all issues, run:
  npm audit fix

@vercel
Copy link

vercel bot commented Jun 27, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
walletauth ❌ Failed (Inspect) Jun 27, 2023 7:02pm

@jeffgca jeffgca requested a review from avivash June 27, 2023 19:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@avivash avivash Awaiting requested review from avivash

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jeffgca