mend-for-github-com[bot]
mend-for-github-com[bot]
Vulnerable Library - bautajs-fastify-3.0.2.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/find-my-way/package.json ## Vulnerabilities | CVE | Severity | CVSS | Dependency | Type | Fixed in (bautajs-fastify...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [opentok-accelerator-core](https://togithub.com/opentok/accelerator-core-js) | dependencies | patch | [`>=2.0.0` -> `>=2.0.21`](https://renovatebot.com/diffs/npm/opentok-accelerator-core/2.0.0/2.0.21) | By merging this...
## metrics.yml - Ensure top-level permissions are not set to write-all Violation detected in /.github/workflows/metrics.yml:[0-1] :page_with_curl: File Type: github_actions :no_entry: Details - Ensure top-level permissions are not set to write-all
## config.json - Base64 High Entropy String Violation detected in /sample-app/src/config.json:[4-5] :page_with_curl: File Type: secrets :no_entry: Details - Base64 High Entropy String
Vulnerable Library - opentok-react-native-2.28.0.tgz Path to dependency file: /BasicVideoChat/package.json Path to vulnerable library: /BasicVideoChat/node_modules/axios/package.json Found in HEAD commit: 61ff2ca836dbea7d5ecbab9402c771e3f7916abc ## Vulnerabilities | CVE | Severity | CVSS | Exploit Maturity...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [body-parser](https://togithub.com/expressjs/body-parser) | dependencies | minor | [`^1.15.2` -> `^1.20.3`](https://renovatebot.com/diffs/npm/body-parser/1.15.2/1.20.3) | By merging this...
Vulnerable Library - body-parser-1.20.1.tgz Node.js body parsing middleware Library home page: https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/body-parser/package.json ## Vulnerabilities | CVE | Severity | CVSS...
This PR contains the following updates: | Package | Update | Change | |---|---|---| | wdm | minor | `"~> 0.1.1"` -> `"~> 0.2.0"` | --- ### Configuration 📅 **Schedule**:...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [autoprefixer](https://redirect.github.com/postcss/autoprefixer) | dependencies | patch | [`10.4.19` -> `10.4.20`](https://renovatebot.com/diffs/npm/autoprefixer/10.4.19/10.4.20) | | [esbuild](https://redirect.github.com/evanw/esbuild) |...
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@mathigon/boost](https://mathigon.io/boost) ([source](https://redirect.github.com/mathigon/boost.js)) | dependencies | patch | [`1.2.27` -> `1.2.31`](https://renovatebot.com/diffs/npm/@mathigon%2fboost/1.2.27/1.2.31) | | [@mathigon/core](https://mathigon.io/core)...