dashy icon indicating copy to clipboard operation
dashy copied to clipboard

Published 20 hours ago verified publisher icon Lissy93

use the latest version for component : v8:5.5.5

Open anurag92dash opened this issue 1 year ago • 2 comments

Is your feature request related to a problem? If so, please describe.

my organization has security vulnerability tests before I deploy an opensource software. while scanning dashy image, it was recommended to use the latest version for v8:5.5.5 --> 12.1.285.24 Can you please help me upgrade this component.

Describe the solution you'd like

update the Component: v8:5.5.5 -> to latest version 12.1.285.24

Priority

Medium (Would be very useful)

Is this something you would be keen to implement

Yes!

anurag92dash avatar Apr 24 '24 04:04 anurag92dash

If you're enjoying Dashy, consider dropping us a ⭐
🤖 I'm a bot, and this message was automated

liss-bot avatar Apr 24 '24 04:04 liss-bot

update the Component: v8:5.5.5 -> to latest version 12.1.285.24

Which library? (Component isn't included in Dashy).

Re the package vulnerabilities, I have gone through each and ensured none of them are actually exploitable vulnerabilities. Course most Node.js projects will have some kind of output from npm audit, and it looks scarier than it is.

But I also totally understand that many orgs don't let you deploy anything which includes a known vulnerbale package.

Lissy93 avatar May 11 '24 14:05 Lissy93

Issue closed due to no response from user.

liss-bot avatar May 20 '24 01:05 liss-bot