Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is this project still alive - unfixed critical vulnerabilities in dependencies #60

Open
BePo65 opened this issue Nov 14, 2024 · 2 comments
Open

Is this project still alive - unfixed critical vulnerabilities in dependencies #60

BePo65 opened this issue Nov 14, 2024 · 2 comments
Labels
dependencies Pull requests that update a dependency file question A question needs to be answered before progress can be made on this issue

Comments

@BePo65
Copy link

BePo65 commented Nov 14, 2024
edited
Loading

Running npm audit lists many vulnerabilities:

19 vulnerabilities (5 moderate, 6 high, 8 critical)

Since there are pull requests still open fixing some of these issues dating from 2022, it seems that this project is abandoned.

@indexzero : is it worth creating a fix for these issues? I would do this, only if we have a chance to get this project up to date on npmjs too.
@nelsonic nelsonic added the dependencies Pull requests that update a dependency file label Nov 19, 2024
@BePo65 BePo65 changed the title Is this project still alive - unfixed critical issues with versions of used packages Is this project still alive - unfixed critical vulnerabilities in dependencies Nov 26, 2024
@MikeMcC399 MikeMcC399 mentioned this issue Nov 28, 2024
Open
@BePo65 BePo65 mentioned this issue Nov 28, 2024
Open
@MikeMcC399

This comment was marked as resolved.

Sign in to view
@nelsonic nelsonic added the question A question needs to be answered before progress can be made on this issue label Nov 30, 2024
@nelsonic
Copy link
Collaborator

@MikeMcC399, I was granted write access back in the day. ✍️
So can assist with maintenance. 🧹
Starting with the CI side-quest: #61

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file question A question needs to be answered before progress can be made on this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nelsonic @BePo65 @MikeMcC399