You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of today even the latest version of Gatsby brings in multiple transitive security issues.Going through majority of the previous issues, it appears that all those issues are false positives in term of gatsby usage. It would be great if the project owners can have a list of false positives listed somewhere say Security.md as it helps the community to track and document this for compliance reasons. Open vulnerable libraries as of April 2022, which couldn't be found in discussions or issues:
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
As of today even the latest version of Gatsby brings in multiple transitive security issues.Going through majority of the previous issues, it appears that all those issues are false positives in term of gatsby usage. It would be great if the project owners can have a list of false positives listed somewhere say Security.md as it helps the community to track and document this for compliance reasons. Open vulnerable libraries as of April 2022, which couldn't be found in discussions or issues:
Beta Was this translation helpful? Give feedback.
All reactions